Article

Fixed vs. Variable-Length Patterns for Detecting Suspicious Process Behavior

Authors:

Hervé Debar,

Marc Dacier,

Mehdi Nassehi,

Andreas WespiAuthors Info & Claims

ESORICS '98: Proceedings of the 5th European Symposium on Research in Computer Security

Pages 1 - 15

Published: 16 September 1998 Publication History

Abstract

No abstract available.

Cited By

View all

Ongun TStokes JOr JTian KTajaddodianfar FNeil JSeifert COprea APlatt JBilge LDumitras T(2021)Living-Off-The-Land Command Detection Using Active LearningProceedings of the 24th International Symposium on Research in Attacks, Intrusions and Defenses10.1145/3471621.3471858(442-455)Online publication date: 6-Oct-2021
https://dl.acm.org/doi/10.1145/3471621.3471858
Chandola VBanerjee AKumar V(2009)Anomaly detectionACM Computing Surveys10.1145/1541880.154188241:3(1-58)Online publication date: 30-Jul-2009
https://dl.acm.org/doi/10.1145/1541880.1541882
Avizienis ALaprie JRandell BLandwehr C(2004)Basic Concepts and Taxonomy of Dependable and Secure ComputingIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2004.21:1(11-33)Online publication date: 1-Jan-2004
https://dl.acm.org/doi/10.1109/TDSC.2004.2
Show More Cited By

Recommendations

Fixed- vs. variable-length patterns for detecting suspicious process behavior

This paper addresses the problem of creating patterns that can be used to model the normal behavior of a given process. The models can be used for intrusion-detection purposes. First, we present a novel method to generate input data sets that enable us ...
The equidistribution of some length-three vincular patterns on Sn(132)

In 2012 Bna showed the rather surprising fact that the cumulative number of occurrences of the classical patterns 231 and 213 is the same on the set of permutations avoiding 132, even though the pattern based statistics 231 and 213 do not have the same ...
A bijection for length-5 patterns in permutations
Abstract
A bijection which preserves five classical set-valued permutation statistics between ( 31245 , 32145 , 31254 , 32154 )-avoiding permutations and ( 31425 , 32415 , 31524 , 32514 )-avoiding permutations is constructed. Combining this bijection with ...

Comments

Information & Contributors

Information

Published In

ESORICS '98: Proceedings of the 5th European Symposium on Research in Computer Security

September 1998

365 pages

ISBN:3540650040

Publisher

Springer-Verlag

Berlin, Heidelberg

Publication History

Published: 16 September 1998

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

4
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 26 Jul 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Ongun TStokes JOr JTian KTajaddodianfar FNeil JSeifert COprea APlatt JBilge LDumitras T(2021)Living-Off-The-Land Command Detection Using Active LearningProceedings of the 24th International Symposium on Research in Attacks, Intrusions and Defenses10.1145/3471621.3471858(442-455)Online publication date: 6-Oct-2021
https://dl.acm.org/doi/10.1145/3471621.3471858
Chandola VBanerjee AKumar V(2009)Anomaly detectionACM Computing Surveys10.1145/1541880.154188241:3(1-58)Online publication date: 30-Jul-2009
https://dl.acm.org/doi/10.1145/1541880.1541882
Avizienis ALaprie JRandell BLandwehr C(2004)Basic Concepts and Taxonomy of Dependable and Secure ComputingIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2004.21:1(11-33)Online publication date: 1-Jan-2004
https://dl.acm.org/doi/10.1109/TDSC.2004.2
Marceau CZurko MGreenwald S(2001)Characterizing the behavior of a program using multiple-length N-gramsProceedings of the 2000 workshop on New security paradigms10.1145/366173.366197(101-110)Online publication date: 20-Feb-2001
https://dl.acm.org/doi/10.1145/366173.366197

View Options

View options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Abstract

Cited By

Recommendations

Fixed- vs. variable-length patterns for detecting suspicious process behavior

The equidistribution of some length-three vincular patterns on Sn(132)

A bijection for length-5 patterns in permutations

Comments

Information

Published In

Publisher

Publication History

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

Get Access

Login options

Full Access

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations