Abstract. Attacks against privileged applications can be detected by analyzing the stream of system calls issued during process execution. In the last few years, several approaches have been proposed to detect anomalous system calls. These approaches are mostly based on modeling acceptable system call sequences. Unfortunately, the techniques proposed so far are either vulnerable to certain evasion attacks or are too expensive to be practical. This paper presents a novel approach to the analysis of system calls that uses a composition of dynamic analysis and learning techniques to characterize anomalous system call invocations in terms of both the invocation context and the parameters passed to the system calls. Our technique provides a more...
Host-based intrusion detection systems monitor systems in operation for significant deviations from ...
Many host-based anomaly detection systems monitor a process by observing the system calls it makes, ...
Part 9: Intrusion Detection. International audience. The most common anomaly detection mechanisms at app...
This paper presents a novel anomaly detection approach that takes into account the information conta...
This paper demonstrates the value of analyzing sequences of function calls for forensic analysis. Al...
Beginning with the work of Forrest et al., several researchers have developed intrusion detection tec...
This paper discusses our research in developing a generalized and systematic method for anomaly dete...
Existing techniques used for anomaly detection do not fully utilize the intrinsic properties of embe...
We describe an unsupervised host-based intrusion detection system based on system call arguments and...
Abstract — In this paper, we propose a “bag of system calls” representation for intrusion detection...
In this paper, we propose a "bag of system calls" representation for intrusion detection o...