Titlebook: Recent Advances in Intrusion Detection; 5th International Sy Andreas Wespi,Giovanni Vigna,Luca Deri Conference proceedings 2002 Springer-Ve

连系

Detecting Malicious Software by Monitoring Anomalous Windows Registry Accessesmachine by looking for anomalous accesses to the Windows Registry. The key idea is to first train a model of normal registry behavior on a windows host, and use this model to detect abnormal registry accesses at run-time. The normal model is trained using clean (attack-free) data. At run-time the mo

反话

Undermining an Anomaly-Based Intrusion Detection System Using Common Exploitsthose attacks involving masqueraders and novel methods. To date, however, there appears to be no study which has identified a systematic method that could be used by an attacker to undermine an anomaly-based intrusion detection system. This paper shows how an adversary can craft an offensive mechani

态学

Flagging

规范就好

TEN

Development of a Legal Framework for Intrusion Detectionificant opportunities to improve service delivery and to move into new areas of endeavour. But reliance on an inherently insecure infrastructure exposes organizations to a constantly evolving threat environment. Not only has the nature of the threat changed, so too has the scope of the protection pr

GROUP

Learning Unknown Attacks — A Startd unknown attacks without exhausting its redundancy. Our system provides continued application services to critical users while under attack with a goal of less than 25% degradation of productivity. Initial experimental results are promising. It is not yet a general open solution. Specification-base

Nibble

提名的名单

A Stochastic Model for Intrusionso simulate intelligent, reactive attackers. Using the situation calculus, our simulator can . the results actions with complex preconditions and context-dependent effects. We have extended the Golog situation calculus programming with . procedure invocation. With goal-directed invocation one can exp

Concrete

Attacks against Computer Network: Formal Grammar-Based Framework and Simulation Toollti-agent architecture. The model of an attack is considered as a complex process of contest of adversary entities those are malefactor or team of malefactors, on the one hand, and network security system implementing a security policy, on the other hand. The paper focuses on the conceptual justific