IEEE Transactions on Software Engineering - Special issue on computer security and privacy
ISSTA '94 Proceedings of the 1994 ACM SIGSOFT international symposium on Software testing and analysis
Content-Based Image Retrieval at the End of the Early Years
IEEE Transactions on Pattern Analysis and Machine Intelligence
The Earth Mover's Distance as a Metric for Image Retrieval
International Journal of Computer Vision
ACM Transactions on Information and System Security (TISSEC)
Computer Vision
Computer Vision: A Modern Approach
Computer Vision: A Modern Approach
Mimicry attacks on host-based intrusion detection systems
Proceedings of the 9th ACM conference on Computer and communications security
Anomaly Detection Using Visualization and Machine Learning
WETICE '00 Proceedings of the 9th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises
Case-Based Reasoning for Intrusion Detection
ACSAC '96 Proceedings of the 12th Annual Computer Security Applications Conference
HAPTICS '02 Proceedings of the 10th Symposium on Haptic Interfaces for Virtual Environment and Teleoperator Systems
"Why 6?" Defining the Operational Limits of Stide, an Anomaly-Based Intrusion Detector
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
A Neural Network Component for an Intrusion Detection System
SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
A Sense of Self for Unix Processes
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
Intrusion Detection via Static Analysis
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
A Metric for Distributions with Applications to Image Databases
ICCV '98 Proceedings of the Sixth International Conference on Computer Vision
Visualizing Huge Tracefiles with Xscal
LISA '96 Proceedings of the 10th USENIX conference on System administration
Using Visualization in System and Network Administration
LISA '96 Proceedings of the 10th USENIX conference on System administration
A Visual Approach for Monitoring Logs
LISA '98 Proceedings of the 12th USENIX conference on System administration
Undermining an anomaly-based intrusion detection system using common exploits
RAID'02 Proceedings of the 5th international conference on Recent advances in intrusion detection
Case-Based Collective Inference for Maritime Object Classification
ICCBR '09 Proceedings of the 8th International Conference on Case-Based Reasoning: Case-Based Reasoning Research and Development
Hi-index | 0.00 |
Computer and network security is an extremely active and productive research area. Scientists from all over the world address the pertaining issues, using different types of models and methods. In this article we illustrate a case-based approach where the normal user-computer interaction is read like snapshots regarding a reduced number of instances of the same application, attack-free and sufficiently different from each other. The generic case representation is obtained by interpreting in numeric form the arguments and parameters of system calls deemed potentially dangerous. The similarity measure between a new input case and the ones stored in the case library is achieved through the calculation of the Earth Mover's Distance between the corresponding feature distributions, obtained by means of cluster analysis.