Distributed host-based anomaly detection has not yet proven practical due to the excessive computational overhead during training and detection. This paper considers an efficient algorithm for detecting resource anomalies in event streams with either Poisson or long-tailed arrival processes. A form of distributed, lazy evaluation is presented, which uses a model for human-computer interaction based on two-dimensional time and a geometrically declining memory to yield orders of magnitude improvements in memory requirements. A three-tiered probabilistic method of classifying anomalous behaviour is discussed. This leads to a means of finding probable faults amongst the symptoms of network and system behaviour that is economical in both computation and memory.