A method for anomaly detection is introduced in which "normal" is defined by short-range correlations in a process' system calls. Initial experiments suggest that the definition is stable during normal behavior for standard UNIX programs. Further, it is able to detect several common intrusions involving sendmail and lpr. This work is part of a research program aimed at building computer security systems that incorporate the mechanisms and algorithms used by natural immune systems.