Abstract — In this paper, we propose a “bag of system calls” representation for intrusion detection in system call sequences and describe misuse and anomaly detection results with standard machine learning techniques on University of New Mexico (UNM) and MIT Lincoln Lab (MIT LL) system call sequences with the proposed representation. With the feature representation as input, we compare the performance of several machine learning techniques for misuse detection and show experimental results on anomaly detection. The results show that standard machine learning and clustering techniques on a simple “bag of system calls” representation of system call sequences are effective and often perform better than those approaches that use foreign contiguo...
In this paper we describe our preliminary experiments to extend the work pioneered by Forrest (see F...
Intrusion detection is a critical component of security information systems. The intrusion detection...
Intrusion detection systems rely on a wide variety of observable data to distinguish between legitim...
In this paper, we propose a "bag of system calls" representation for intrusion detection o...
In this paper, we propose a "bag of system calls" representation for intrusion detection in ...
This paper discusses our research in developing a generalized and systematic method for anomaly dete...
This thesis concerns anomaly detection as a mechanism for intrusion detection in a machine learning ...
We describe an unsupervised host-based intrusion detection system based on system call arguments and...
We describe an unsupervised host-based intrusion detection system based on system call arguments and...
We describe an unsupervised host-based intrusion detection system based on system call arguments and...
We describe an unsupervised host-based intrusion detection system based on system call arguments and...
This paper presents a novel anomaly detection approach that takes into account the information conta...
In this paper we describe our preliminary experiments to extend the work pioneered by Forrest (see F...
In this paper we describe our preliminary experiments to extend the work pioneered by Forrest (see F...
In this paper we discuss our research in developing general and systematic method for anomaly detect...