Network attacks on systems perpetrated by remote hackers rarely occur in isolation; when a successful or merely detected attack occurs, it is often desirable to reconstruct the context of this security breach: all the events that lead up to and are related to the breach. We mine the logs of recent network traffic data to find these contexts of attacks — we call them attack patterns. We propose an iterative algorithm for discovering attack patterns; the logs are scanned to identify coherent groups of events (called bubbles) that are likely to constitute attacks, and via a feedback mechanism, the degrees of belief that the bubbles are attack instances are propagated to the next iteration in order to refine the search for bubbles related to th...
Abstract—Malware is a major threat to security and privacy of network users. A huge variety of malwa...
This paper presents a novel network intrusion detection method that searches for frequency patterns ...
Preface on the 5th International Workshop on Traffic Measurements for Cybersecurity (10.1109/EuroSPW...
Security analysts have to deal with a large volume of network traffic to identify and prevent cyber ...
Intrusion Detection Systems (IDS), designed during the early era of the Internet to protect against ...
Abstract: New datamining techniques are developed for generating frequent episode rules of traffic e...
Modern computer network defense systems rely primarily on signature-based intrusion detection tools,...
As the Internet becomes larger in scale, more complex in structure and more diversified in traffic, ...
This thesis deals with detection of possible attacks in computer networks and subsequent generation ...
Computer crime is a large problem (CSI, 2004; Kabay, 2001a; Kabay, 2001b). Security managers have a ...
Network forensics investigates a network attack by tracing the source of the attack and attributing ...
Some computer security breaches cannot be prevented using access and information flow control techni...
Network forensic analysis is a process that analyzes intrusion evidence captured from networked envi...
The unsupervised detection of network attacks represents an extremely challeng...
Abstract. The unsupervised detection of network attacks represents an extremely challenging goal. Cu...