Contents

Audit Trail Pattern Analysis for Detecting Suspicious Process Behavior
Agenda
Preliminary Work
Our IDS Component
Principle
Architecture
Pattern Matching
How to Build the Pattern Table?
How to Build the Pattern Table?
Fixed-Length Patterns
What Is the Ideal Pattern Length?
Variable-Length Patterns
First Reduction Step
Second Reduction Step
Reduction Algorithm
Test Environment
Pattern Statistics
Comparison Fixed-/Variable-Length
Conclusions