Applying Bag of System Calls for Anomalous Behavior Detection of Applications in Linux Containers
In this paper, we present the results of using bags of system calls for
learning the behavior of Linux containers for use in an anomaly-detection-based
intrusion detection system. By using system calls of the containers, monitored
from the host kernel, for anomaly detection, the system does not require any
prior knowledge of the container's nature, nor does it require altering the
container or the host kernel.
Comment: Published version available on IEEE Xplore
(http://ieeexplore.ieee.org/document/7414047/). arXiv admin note: substantial
text overlap with arXiv:1611.0305
Big Data in Critical Infrastructures Security Monitoring: Challenges and Opportunities
Critical Infrastructures (CIs), such as smart power grids, transport systems,
and financial infrastructures, are more and more vulnerable to cyber threats,
due to the adoption of commodity computing facilities. Despite the use of
several monitoring tools, recent attacks have proven that current defensive
mechanisms for CIs are not effective enough against most advanced threats. In
this paper we explore the idea of a framework leveraging multiple data sources
to improve protection capabilities of CIs. Challenges and opportunities are
discussed along three main research directions: i) use of distinct and
heterogeneous data sources, ii) monitoring with adaptive granularity, and iii)
attack modeling and runtime combination of multiple data analysis techniques.
Comment: EDCC-2014, BIG4CIP-201
A survey on online monitoring approaches of computer-based systems
This report surveys forms of online data collection that are in current use (and that are also the subject of research to adapt them to changing technology and demands). These data can be used as inputs to the assessment of dependability and resilience, although they are not primarily collected for this purpose.