Anomaly Detection (AD) sensors compute behavior profiles to recognize malicious or anomalous activities. The behavior of a host is checked continuously by the AD sensor and an alert is raised when the behavior deviates from its behavior profile. Unfortunately, the majority of AD sensors suffer from high volumes of false alerts either maliciously crafted by the host or originating from insufficient training of the sensor. We present a cluster-based AD sensor that relies on clusters of behavior profiles to identify anomalous behavior. The behavior of a host raises an alert only when a group of host profiles with similar behavior (cluster of behavior profiles) detect the anomaly, rather than just relying on the host’s own behavior profile to...
A new Cluster-based methodology for real-time Novelty Detection and Isolation (NDI) in sensor networ...
Critical networks require defence in depth incorporating many different security technologies includ...
This thesis proposes an intrusion detection system (IDS), which applies data mining clustering techn...
Anomaly Detection (AD) sensors compute behavior profiles to recognize malicious or anomalous activit...
Anomaly detection (AD) sensors compute behavior profiles to recognize malicious or anomalous activit...
As information systems become increasingly complex and pervasive, they become inextricably intertwin...
Nowadays, organization networks are facing an increased number of different attacks and existing int...
Techniques are described herein for clustering network hosts based on their network behavior to crea...
Current network access control systems can contain unpredictable interactions between multiple devic...
With the explosion of the number of distributed applications, a new dynamic server environment emerg...
Abstract: High-performance computing clusters have become critical computing resources in many sens...
In this paper, we introduce novel techniques that enhance the training phase of Anomaly Detection (A...
Abstract Much of the intrusion detection research focuses on signature (misuse) detection, where mod...
A new Cluster-based methodology for real-time Novelty Detection and Isolation (NDI) in sensor networ...
The primary function of wireless sensor networks is to gather sensor data from the monitored area. D...