Case-based reasoning
Applying case-based reasoning: techniques for enterprise systems
Applying case-based reasoning: techniques for enterprise systems
Visual information retrieval
Towards a taxonomy of intrusion-detection systems
Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on computer network security
Content-Based Image Retrieval at the End of the Early Years
IEEE Transactions on Pattern Analysis and Machine Intelligence
The Earth Mover's Distance as a Metric for Image Retrieval
International Journal of Computer Vision
Computer Vision
The Perception of Visual Information
The Perception of Visual Information
Computer Vision: A Modern Approach
Computer Vision: A Modern Approach
Mimicry attacks on host-based intrusion detection systems
Proceedings of the 9th ACM conference on Computer and communications security
IEEE Transactions on Visualization and Computer Graphics
A Visual Approach for Monitoring Logs
LISA '98 Proceedings of the 12th Conference on Systems Administration
Analysis and Results of the 1999 DARPA Off-Line Intrusion Detection Evaluation
RAID '00 Proceedings of the Third International Workshop on Recent Advances in Intrusion Detection
Anomaly Detection Using Visualization and Machine Learning
WETICE '00 Proceedings of the 9th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises
Case-Based Reasoning for Intrusion Detection
ACSAC '96 Proceedings of the 12th Annual Computer Security Applications Conference
HAPTICS '02 Proceedings of the 10th Symposium on Haptic Interfaces for Virtual Environment and Teleoperator Systems
Visualization in Detection of Intrusions and Misuse in Large Scale Networks
IV '00 Proceedings of the International Conference on Information Visualisation
A Sense of Self for Unix Processes
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
Intrusion Detection via Static Analysis
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
A Metric for Distributions with Applications to Image Databases
ICCV '98 Proceedings of the Sixth International Conference on Computer Vision
Visualizing Huge Tracefiles with Xscal
LISA '96 Proceedings of the 10th USENIX conference on System administration
Using Visualization in System and Network Administration
LISA '96 Proceedings of the 10th USENIX conference on System administration
Undermining an anomaly-based intrusion detection system using common exploits
RAID'02 Proceedings of the 5th international conference on Recent advances in intrusion detection
| Hi-index | 0.00 |
The architecture herein advanced finds its rationale in the visual interpretation of data obtained from monitoring computers and computer networks with the objective of detecting security violations. This new outlook on the problem may offer new and unprecedented techniques for intrusion detection which take advantage of algorithmic tools drawn from the realm of image processing and computer vision. In the system we propose, the normal interaction between users and network configuration is represented in the form of snapshots that refer to a limited number of attack-free instances of different applications. Based on the representations generated in this way, a library is built which is managed according to a case-based approach. The comparison between the query snapshot and those recorded in the system database is performed by computing the Earth Mover's Distance between the corresponding feature distributions obtained through cluster analysis.