An Immunological Approach to Change Detection: Theoretical Results.
95faad21fd70965a18837c10fb2a81fbe827e1475d74801711a98253908727b0
Automated Response Using System-Call Delays.
17ab8d2f521a6b3f79599f73f4e739dfb06dbfaf37e1dd709de442d386cd08d8
Automating Mimicry Attacks Using Static Binary Analysis.
30aef93f1ffb8832520b77cbc90b428e316b0f4afd0c3b491987119eaf293892
Detecting Intrusions using System Calls: Alternative Data Models.
e6d257f0ecb406b34c24ab3a21a6a52b96c3251d836a63a10e5236598b1e6ba1
Efficient Intrusion Detection using Automaton Inlining.
1bf5e18ed8061a325ff7d6e60c781df4178d42054868898d6d203c57e0439bc1
Finding the Vocabulary of Program Behavior Data for Anomaly Detection.
4c110f1285a6f5e8ce0ed3b7c3655e920312a4dd60c2526b0672eef2f741c9fb
Information-Theoretic Measures for Anomaly Detection.
1b15c3199ddf8d0851f4cfe4ec8cd25b039646b91098bf7ad1bdfc1a85ccac7e
Intrusion Detection using Sequences of System Calls.
88f58bcab94c60c99c7af65ed5a7b543d6c2557de45ed919f9d51dc9a62362f1
Learning Patterns from Unix Process Execution Traces for Intrusion Detection.
774c5fb4d8f87da96428a0aba0863ebb08b7dc6c1ac0ebbdac5fdf4f01a312da
Learning Program Behaviour Profiles for Intrusion Detection.
51ceb245216f818009566c49aa6b0d76d3cb2a40afe1dd0977a3a0a5ff9a9fe1
Learning to Detect Malicious Executables in the Wild.
c1e130b97d30c340298185af4b756e8de4e6af8708c67c9a3a10c45724bf473a
Modeling System Calls for Intrusion Detection with Dynamic Window Sizes.
277603d8959ac2e9d0649d958ee67ec765b961ff534ddedb8b430b98b8c6a9ff
On graybox program tracking for anomaly detection.
73ef3b11daf8d4b271cd8a293379bb7cf36d6f7dd05c9636fe70bb23324fe1dc
On the Detection of Anomalous System Call Arguments.
e4c709e5d57a0f7215abff88f38e074315b3e5b479c1586319221f8b26168610
Semantics-Aware Malware Detection.
acd5ff730942de2c3d487ac04bd1e50c79bbf563265482dc51bf3153836c71f5
Sequence Matching and Learning in Anomaly Detection for Computer Security.
4e4df0e8fa211b324a995602cf6485365fc58bbc1dc1494e369e1b81c999a590
Seurat: A Pointillist Approach to Anomaly Detection.
3b4475036b79c71066d1f4dd4b114848a2067647ac58d6987a0041971ef535d7
STATL: An Attack Language for State-based Intrusion Detection.
52ef3a77ef509bcd93944cd914a2b5dfc8745d9b707ce5bc1e7c37a4a891cfff
Temporal Sequence Learning and Data Reduction for Anomaly Detection.
aea7a380aba430d2d764541688177ed8760417006a7255dfff6dd30e81c59a52
Toward Stealthy Malware Detection.
8ac299a45aaf4507a6fc8d0ec39231c1eac1334a256a455de448f6665466ecda
Two State-based Approaches to Program-based Anomaly Detection.
b38d534f4f8ae5b2fe6bbb553e56150a2abdc6766ade8b6b6e7527a53c30d580
USTAT Real Time Intrusion Detection for Unix.
8046c9ee66fcba459b430fcfbee8378dcec39ec3d3a4f0998c7010241a62e4f6
This paper describes how to detect Honeypots / Honeywalls by using hping to send an ICMP packet containing shellcode and analyzing the response.
9239f109f0a37a9b7bfba5c3af51feee113b633f86cd3cd17248aa31a91adb27
White paper discussing the optimization of Network Flight Recorder (NFR) and attack signatures overall when it comes to the MS-SQL Hello buffer overflow.
11d3392d38ac8c051deb47be35bf9f3a5a66cdda19d1fc943a0d0bb58c5abdaa
White paper on the AIRIDS architecture ideology and framework that allows for an IDS to intelligently respond to attacks automatically.
e2b3d2126ac811f2a157f0509e88e5e4a0118b870b2754bb1c8cc08464ba372e