Abstract. Program anomaly detection analyzes normal program be-haviors and discovers aberrant executions caused by attacks, miscon-figurations, program bugs, and unusual usage patterns. The merit of program anomaly detection is its independence from attack signatures, which enables proactive defense against new and unknown attacks. In this paper, we formalize the general program anomaly detection prob-lem and point out two of its key properties. We present a unified frame-work to present any program anomaly detection method in terms of its detection capability. We prove the theoretical accuracy limit for pro-gram anomaly detection with an abstract detection machine. We show how existing solutions are positioned in our framework and illustra...
Part 9: Intrusion DetectionInternational audienceThe most common anomaly detection mechanisms at app...
An approach to the analysis of concurrent software is discussed. The approach, called anomaly detect...
Many host-based anomaly detection systems monitor a process ostensibly running a known program by ob...
Program anomaly detection — modeling normal program executions to detect deviations at runtime as cu...
Modern stealthy exploits can achieve attack goals without introducing illegal control flows, e.g., t...
Profiling the behavior of programs can be a useful reference for detecting potential intrusions agai...
Modern stealthy exploits can achieve attack goals without introducing illegal control flows, e.g., t...
Many host-based anomaly detection systems monitor a process ostensibly running a known program by ob...
This paper describes two recently developed intrusion detection algorithms, and gives experimental r...
Various vulnerabilities in software applications become easy targets for attackers. The trend consta...
Abstract—The trend constantly being observed in the evolu-tion of advanced modern exploits is their ...
Detecting anomalous program behaviors is an important approach to protect personal computers and org...
Abstract. Anomaly detection has been popular for a long time due to its ability to detect novel atta...
The inconsistency is a major problem in security of information in computer is two ways: data incons...
Software assurance is of paramount importance given the increasing impact of software on our lives. ...
Part 9: Intrusion DetectionInternational audienceThe most common anomaly detection mechanisms at app...
An approach to the analysis of concurrent software is discussed. The approach, called anomaly detect...
Many host-based anomaly detection systems monitor a process ostensibly running a known program by ob...
Program anomaly detection — modeling normal program executions to detect deviations at runtime as cu...
Modern stealthy exploits can achieve attack goals without introducing illegal control flows, e.g., t...
Profiling the behavior of programs can be a useful reference for detecting potential intrusions agai...
Modern stealthy exploits can achieve attack goals without introducing illegal control flows, e.g., t...
Many host-based anomaly detection systems monitor a process ostensibly running a known program by ob...
This paper describes two recently developed intrusion detection algorithms, and gives experimental r...
Various vulnerabilities in software applications become easy targets for attackers. The trend consta...
Abstract—The trend constantly being observed in the evolu-tion of advanced modern exploits is their ...
Detecting anomalous program behaviors is an important approach to protect personal computers and org...
Abstract. Anomaly detection has been popular for a long time due to its ability to detect novel atta...
The inconsistency is a major problem in security of information in computer is two ways: data incons...
Software assurance is of paramount importance given the increasing impact of software on our lives. ...
Part 9: Intrusion DetectionInternational audienceThe most common anomaly detection mechanisms at app...
An approach to the analysis of concurrent software is discussed. The approach, called anomaly detect...
Many host-based anomaly detection systems monitor a process ostensibly running a known program by ob...