Proceedings of the Intelligence Analysis Conference, McLean, Virginia, USA, May 2005

We develop methods for assessing the typicality of the file system of a computer. This is helpful in analyzing, for instance, captured terrorist machines to decide if their information is genuine and for testing whether a honeypot is convincing. We have implemented a program that computes 28 metrics on a file system, including features such as the average number of files per directory, the average number of programs per directory, the length of an average filename, the size of the average file, and the average time at which files were last modified. We can also infer analogous directories with different names or paths on two file systems. We show that comparing the ...
This project aims to present the functionality and accuracy of five different machine learning algor...
Scareware is a recent type of malicious software that may pose financial and privacy-related threats...
Malcode can be easily hidden in document files and go undetected by standard technology. We demonstr...
Fake file systems are used in the field of cyber deception to bait intruders and fool forensic inves...
Honeypots are computer systems that try to fool cyberattackers into thinking they are ordinary compu...
Malicious programs have been a serious threat for the confidentiality, integrity and availability of...
We describe an anomaly detector, called FWRAP, for a Host-based Intrusion Detection System that moni...
Previous research [1] has indicated that reputation scores can be used as the basis for trust comput...
Malware concealment is the predominant strategy for malware propagation. Black hats create variants ...
Intrusion detection systems (IDS) are systems aimed at analyzing and detecting security problems. Th...
Hierarchical storage system namespaces are notorious for their immense size, which is a significant ...
Abstract: We describe a tool Dirim for automatically finding files on a drive that are anomalous or ...
This paper introduces two concepts: Canary Files and a Canary File management system. A Canary File ...
Malicious software authors have shifted their focus from illegal and clearly malicious software to...
File pollution is a problem that is threatening security and availability in peer-to-peer environmen...