Locality

Authors: John McHugh, Carrie Gates

DOI: 10.1145/986655.986657

Abstract: Locality as a unifying concept for understanding the normal behavior of benign users of computer systems is suggested as a unifying paradigm that will support the detection of malicious anomalous behaviors. The paper notes that locality appears in many dimensions and applies to such diverse mechanisms as the working set of IP addresses contacted during a web browsing session, the set of email addresses with which one customarily corresponds, and the way in which pages are fetched from a web site. In every case intrusive behaviors that violate locality are known to exist and in some cases, the violation is necessary for the behavior to achieve its goal. If this observation holds up under further investigation, we will have a powerful way of thinking about security and intrusive activity.
