Behavior Profiling for Robust Anomaly Detection

Date Added: Feb 2010
Format: PDF

Internet attacks are evolving using evasion techniques such as polymorphism and stealth scanning. Conventional detection systems using signature-based and/or rule-based anomaly detection techniques no longer suffice. It is difficult to predict what form the next malware attack will take and these pose a great challenge to the design of a robust intrusion detection system. The authors focus on the anomalous behavioral characteristics between attack and victim when they undergo sequences of compromising actions and that are inherent to the classes of vulnerability-exploit attacks.