How to find and detect novel or unknown network attacks is one of the most important objectives in current intrusion detection systems. In this paper, a rule evolution approach based on Genetic Programming (GP) for detecting novel attacks on networks is presented and four genetic operators, namely reproduction, mutation, crossover, and dropping condition …
In this paper we introduce the idea of using behavioral biometrics in intrusion detection applications. We present a new biometrics-based technique, which can be used to detect intrusion without the need for any special hardware implementation and without forcing the user to perform any special actions. The technique is based on using "keystroke dynamics" …
Digital fingerprinting is an important but still challenging aspect of network forensics. This paper introduces an effective way to identify an attacker based on a strong behavioral biometric. We introduce a new passive digital fingerprinting technique based on keystroke dynamics biometrics. The technique is based on free text detection and analysis of …
In this paper, we propose a new unsupervised anomaly detection framework for network intrusions. The framework consists of a new clustering algorithm named I-means and new anomalousness metrics named IP Weights. I-means is an evolutionary extension of the k-means algorithm that is composed of a revised k-means algorithm and an evolutionary approach to mixture …
Dynamic binary obfuscation or metamorphism is a technique where malware never keeps the same sequence of opcodes in memory. Such malware is very difficult to analyse and detect manually, even with the help of tools. We need to automate the analysis and detection process of such malware. This paper introduces and presents a new language named MAIL …