A Protocol Graph Based Anomaly Detection System


Anomaly detection systems offer the potential to identify new attacks before signatures are identified. To do so, these systems build models of normal user activity from historical data and then use these models to identify deviations from normal behavior caused by attacks. In this thesis, we develop a method of anomaly detection using protocol graphs… (More)


27 Figures and Tables