Data sanitization: Improving the forensic utility of anomaly detection systems

GF Cretu, A Stavrou, S Stolfo, AD Keromytis - 2007 - academiccommons.columbia.edu
Anomaly Detection (AD) sensors have become an invaluable tool for forensic analysis and
intrusion detection. Unfortunately, the detection accuracy of all learning-based ADs depends …

Thwarting attacks in malcode-bearing documents by altering data sector values

WJ Li, S Stolfo - 2009 - academiccommons.columbia.edu
Embedding malcode within documents provides a convenient means of attacking systems.
Such attacks can be very targeted and difficult to detect to stop due to the multitude of …

[BOOK][B] Towards self-adaptive anomaly detection sensors

GF Ciocarlie - 2010 - search.proquest.com
Spurred by the ever growing availability of online services and resources, threat models are
constantly evolving. As a result, the same security techniques that were sufficient a decade …

[PDF][PDF] Detecting and modeling polymorphic shellcode

O Nbou - 2010 - spectrum.library.concordia.ca
In this thesis, we address the problem of modeling and detecting polymorphic engines
shellcode. By polymorphic engines, we mean programs having the ability to transform any …

[PDF][PDF] Using frequency analysis of instruction occurrence to detect polymorphic executable code in network traffic

ЭТД Гамаюнов, Э Торощин - Защита информации. Инсайд, 2009 - istina.msu.ru
The article considers the problem of detecting malicious executable code in
network traffic based on identifying NOP-equivalent regions of IA32 instructions …

STAND: Sanitization Tool for ANomaly Detection

GF Cretu, A Stavrou, S Stolfo, AD Keromytis - 2007 - academiccommons.columbia.edu
ABSTRACT The efficacy of Anomaly Detection (AD) sensors depends heavily on the quality
of the data used to train them. Artificial or contrived training data may not provide a realistic …

Online Training and Sanitization of AD Systems

GF Cretu, A Stavrou, ME Locasto, S Stolfo - 2007 - academiccommons.columbia.edu
In this paper, we introduce novel techniques that enhance the training phase of Anomaly
Detection (AD) sensors. Our aim is to both improve the detection performance and protect …

[CITATION][C] Malware Control: Issues and Challenges

IISMN Muhammad, N Marsono