thc.org:/root/docs/intrusion_detection/hids/

Papers covering host-based intrusion detection research

Return to parent directory

A Real-Time Intrusion Detection System based on Learning Program Behavior

An Application of Machine Learning to Anomaly Detection

An Immunological Approach to Change Detection: Algorithms, Analysis and Implications

An Immunological Approach to Change Detection: Theoretical Results

Automated Response Using System-Call Delays

Automating Mimicry Attacks Using Static Binary Analysis

Detecting Intrusions using System Calls: Alternative Data Models

Efficient Intrusion Detection using Automaton Inlining

Finding the Vocabulary of Program Behavior Data for Anomaly Detection

Information-Theoretic Measures For Anomaly Detection

Intrusion Detection using Sequences of System Calls

Learning to Detect Malicious Executables in the Wild

Learning Patterns from Unix Process Execution Traces for Intrusion Detection

Learning Program Behaviour Profiles for Intrusion Detection

Modeling System Calls for Intrusion Detection with Dynamic Window Sizes

On gray-box program tracking for anomaly detection

On the Detection of Anomalous System Call Arguments

STATL - An Attack Language for State based Intrusion Detection

Semantics-Aware Malware Detection

Sequence Matching and Learning in Anomaly Detection for Computer Security

Seurat: A Pointillist Approach to Anomaly Detection

Temporal Sequence Learning and Data Reduction for Anomaly Detection

Toward Stealthy Malware Detection

Two state-based approaches to Program-based Anomaly Detection

USTAT - Real Time Intrusion Detection for Unix

Undermining an Anomaly-based Intrusion Detection System Using Common Exploits

Using Program Behavior for Intrusion Detection