FRINK Linked Data Fragments server

Matches in SemOpenAlex for { <https://semopenalex.org/work/W2014815184> ?p ?o ?g. }

• W2014815184 abstract "Anomaly detection has been attracting interests from researchers due to its advantage of being able to detect zero-day exploits. A gray-box anomaly detector first observes benign executions of a computer program and then extracts reliable rules that govern the normal execution of the program. However, such observations from benign executions are not necessarily true evidences supporting the rules learned. For example, the observation that a file descriptor being equal to a socket descriptor should not be considered supporting a rule governing the two values to be the same. Ground truthing such observations is a difficult problem since it is not practical to analyze the semantics of every instruction in every program to be protected. In this paper, we propose using taint analysis to automatically help the ground truthing. Intuitively, the same taint source of two values provides ground truth of the data dependence. We implement a host-based anomaly detector with our proposed taint tracking and evaluate the accuracy of rules learned. Results show that we not only manage to filter out incorrect rules that would otherwise be learned (with high support and confidence), but manage recover good rules that are previously believed to be unreliable. We also present overheads of our system and time needed for training." @default.
• W2014815184 created "2016-06-24" @default.
• W2014815184 creator A5003467063 @default.
• W2014815184 creator A5023755657 @default.
• W2014815184 creator A5079108949 @default.
• W2014815184 date "2011-09-01" @default.
• W2014815184 modified "2023-10-16" @default.
• W2014815184 title "Towards ground truthing observations in gray-box anomaly detection" @default.
• W2014815184 cites W138996787 @default.
• W2014815184 cites W1539027 @default.
• W2014815184 cites W1582331515 @default.
• W2014815184 cites W1586807939 @default.
• W2014815184 cites W1634927171 @default.
• W2014815184 cites W1832277845 @default.
• W2014815184 cites W1910686388 @default.
• W2014815184 cites W1963971515 @default.
• W2014815184 cites W2014589236 @default.
• W2014815184 cites W2100666033 @default.
• W2014815184 cites W2102970979 @default.
• W2014815184 cites W2106649514 @default.
• W2014815184 cites W2118528519 @default.
• W2014815184 cites W2123886726 @default.
• W2014815184 cites W2131358846 @default.
• W2014815184 cites W2137569638 @default.
• W2014815184 cites W2138788987 @default.
• W2014815184 cites W2143776233 @default.
• W2014815184 cites W2151135920 @default.
• W2014815184 cites W2167332015 @default.
• W2014815184 cites W2168264487 @default.
• W2014815184 cites W2171829129 @default.
• W2014815184 cites W3136767761 @default.
• W2014815184 doi "https://doi.org/10.1109/icnss.2011.6059956" @default.
• W2014815184 hasPublicationYear "2011" @default.
• W2014815184 type Work @default.
• W2014815184 sameAs 2014815184 @default.
• W2014815184 citedByCount "2" @default.
• W2014815184 countsByYear W20148151842017 @default.
• W2014815184 crossrefType "proceedings-article" @default.
• W2014815184 hasAuthorship W2014815184A5003467063 @default.
• W2014815184 hasAuthorship W2014815184A5023755657 @default.
• W2014815184 hasAuthorship W2014815184A5079108949 @default.
• W2014815184 hasBestOaLocation W20148151842 @default.
• W2014815184 hasConcept C121332964 @default.
• W2014815184 hasConcept C124101348 @default.
• W2014815184 hasConcept C126838900 @default.
• W2014815184 hasConcept C12997251 @default.
• W2014815184 hasConcept C146849305 @default.
• W2014815184 hasConcept C154945302 @default.
• W2014815184 hasConcept C165696696 @default.
• W2014815184 hasConcept C166275286 @default.
• W2014815184 hasConcept C26873012 @default.
• W2014815184 hasConcept C38652104 @default.
• W2014815184 hasConcept C41008148 @default.
• W2014815184 hasConcept C71924100 @default.
• W2014815184 hasConcept C739882 @default.
• W2014815184 hasConcept C76155785 @default.
• W2014815184 hasConcept C94915269 @default.
• W2014815184 hasConceptScore W2014815184C121332964 @default.
• W2014815184 hasConceptScore W2014815184C124101348 @default.
• W2014815184 hasConceptScore W2014815184C126838900 @default.
• W2014815184 hasConceptScore W2014815184C12997251 @default.
• W2014815184 hasConceptScore W2014815184C146849305 @default.
• W2014815184 hasConceptScore W2014815184C154945302 @default.
• W2014815184 hasConceptScore W2014815184C165696696 @default.
• W2014815184 hasConceptScore W2014815184C166275286 @default.
• W2014815184 hasConceptScore W2014815184C26873012 @default.
• W2014815184 hasConceptScore W2014815184C38652104 @default.
• W2014815184 hasConceptScore W2014815184C41008148 @default.
• W2014815184 hasConceptScore W2014815184C71924100 @default.
• W2014815184 hasConceptScore W2014815184C739882 @default.
• W2014815184 hasConceptScore W2014815184C76155785 @default.
• W2014815184 hasConceptScore W2014815184C94915269 @default.
• W2014815184 hasLocation W20148151841 @default.
• W2014815184 hasLocation W20148151842 @default.
• W2014815184 hasLocation W20148151843 @default.
• W2014815184 hasOpenAccess W2014815184 @default.
• W2014815184 hasPrimaryLocation W20148151841 @default.
• W2014815184 hasRelatedWork W2007266074 @default.
• W2014815184 hasRelatedWork W2042251007 @default.
• W2014815184 hasRelatedWork W2099615906 @default.
• W2014815184 hasRelatedWork W2116325143 @default.
• W2014815184 hasRelatedWork W2125735062 @default.
• W2014815184 hasRelatedWork W2145555436 @default.
• W2014815184 hasRelatedWork W2156449441 @default.
• W2014815184 hasRelatedWork W3006575496 @default.
• W2014815184 hasRelatedWork W3120251014 @default.
• W2014815184 hasRelatedWork W47273084 @default.
• W2014815184 isParatext "false" @default.
• W2014815184 isRetracted "false" @default.
• W2014815184 magId "2014815184" @default.
• W2014815184 workType "article" @default.