Host-Based Intrusion Detection -- Exploiting Execution Context for the Detection of Anomalous System Calls -- Understanding Precision in Host Based Intrusion Detection -- Anomaly-Based Intrusion Detection -- Comparing Anomaly Detection Techniques for HTTP -- Swaddler: An Approach for the Anomaly-Based Detection of State Violations in Web Applications -- Network-Based Intrusion Detection and Response -- Emulation-Based Detection of Non-self-contained Polymorphic Shellcode -- The NIDS Cluster: Scalable, Stateful Network Intrusion Detection on Commodity Hardware -- Cost-Sensitive Intrusion Responses for Mobile Ad Hoc Networks -- Insider Detection and Alert Correlation -- elicit: A System for Detecting Insiders Who Violate Need-to-Know -- On the Use of Different Statistical Tests for Alert Correlation – Short Paper -- Malicious Code Analysis -- Automated Classification and Analysis of Internet Malware -- 2Out-of-the-Box3 Monitoring of VM-Based High-Interaction Honeypots -- A Forced Sampled Execution Approach to Kernel Rootkit Identification -- Evasion -- Advanced Allergy Attacks: Does a Corpus Really Help? -- Alert Verification Evasion Through Server Response Forging -- Malicious Code Defense -- Hit-List Worm Detection and Bot Identification in Large Networks Using Protocol Graphs -- SpyShield: Preserving Privacy from Spy Add-Ons -- Vortex: Enabling Cooperative Selective Wormholing for Network Security Systems.

Licensed e-book