Sciweavers

32 search results - page 5 / 7
» Towards an Information-Theoretic Framework for Analyzing Int...
IJNSEC
2006
13 years 6 months ago
Alert Correlation for Extracting Attack Strategies
Alert correlation is an important technique for managing the large volume of intrusion alerts that are raised by heterogeneous Intrusion Detection Systems (IDSs). The recent trend ...
Bin Zhu, Ali A. Ghorbani
ICC
2007
IEEE
14 years 16 days ago
A Framework of Attacker Centric Cyber Attack Behavior Analysis
Cyber attack behavior analysis can be roughly classified as “network centric” and “attacker centric” approaches. Compared with traditional “network centric” approach...
Xuena Peng, Hong Zhao
RAID
1999
Springer
13 years 10 months ago
Combining Knowledge Discovery and Knowledge Engineering to Build IDSs
We have been developing a data mining (i.e., knowledge discovery) framework, MADAM ID, for Mining Audit Data for Automated Models for Intrusion Detection [LSM98, LSM99b, LSM99a]. ...
Wenke Lee, Salvatore J. Stolfo
USS
2004
13 years 7 months ago
Autograph: Toward Automated, Distributed Worm Signature Detection
Today's Internet intrusion detection systems (IDSes) monitor edge networks' DMZs to identify and/or filter malicious flows. While an IDS helps protect the hosts on its l...
Hyang-Ah Kim, Brad Karp
DSN
2008
IEEE
14 years 20 days ago
Anomaly? application change? or workload change? towards automated detection of application performance anomaly and change
Automated tools for understanding application behavior and its changes during the application life-cycle are essential for many performance analysis and debugging tasks. Applicat...
Ludmila Cherkasova, Kivanc M. Ozonat, Ningfang Mi,...