Towards a Model- and Learning-Based Framework for Security Anomaly Detection

@inproceedings{Gander2011TowardsAM,
  title={Towards a Model- and Learning-Based Framework for Security Anomaly Detection},
  author={Matthias Gander and Basel Katt and Michael Felderer and Ruth Breu},
  booktitle={FMCO},
  year={2011}
}
For critical areas, such as the health-care domain, it is common to formalize workflow, traffic-flow and access control via models. Typically security monitoring is used to firstly determine if the system corresponds to the specifications in these models and secondly to deal with threats, e.g. by detecting intrusions, via monitoring rules. The challenge of… CONTINUE READING