Linked e-resources
Details
Table of Contents
Preface; References; Acknowledgements; Contents; Contributors; Part I Regular Chapters; A Toolset for Intrusion and Insider Threat Detection; 1 Introduction; 2 Coburg Utility Framework; 2.1 Architecture of CUF; 2.2 Filters in CUF; 2.2.1 Input and Output; 2.2.2 Preprocessing; 2.2.3 Clustering; 2.2.4 Classification; 2.2.5 Evaluation; 3 Online Analysis of Network Data Streams; 3.1 General Problem Setting; 3.1.1 Attack Scenarios; 3.1.2 Flow-Based Data; 3.1.3 Data Preparation; 3.1.4 Implications; 3.2 Outline of the Proposed Approach; 3.3 Integration of Domain Knowledge
3.4 Service Detection Filter3.5 Network Behaviour Analyser; 3.6 Service Behaviour Analyser; 3.7 User Behaviour Analyser; 4 Data Generation; 4.1 Existing Data Sets; 4.2 Data Set Emulation; 4.2.1 Test Environment; 4.2.2 Generation of Normal Data; 4.2.3 Generation of Malicious Data; 5 Related Work; Category I; Category II; Category III; 6 Summary and Future Work; References; Human-Machine Decision Support Systemsfor Insider Threat Detection; 1 Introduction; 2 Related Works; 2.1 Models for Understanding the Problem of Insider Threat; 2.2 Approaches for Detecting Insider Threat
2.3 Insider Threat Visualization2.4 Summary of Related Works; 3 Automated Detection of Insider Threats; 3.1 Automated Detection Using User and Role-Based Profile Assessment; 3.2 Validation of Decision Support in Insider Threat Systems; 4 Visual Analytics of Insider Threat Detection; 4.1 Supporting Human Reasoning using Interactive Visual Analytics; 4.2 Active Learning for Insider Threat Detection; 5 Future Directions for Insider Threat Detection; 6 Summary; References; Detecting Malicious Collusion Between Mobile Software Applications: The AndroidTM Case; 1 Introduction; 1.1 Background
4.2.6 Experimental Setup and Validation4.3 Evaluation of Filtering; 4.3.1 Testing the Prolog Filter; 4.3.2 Testing the Probabilistic Filter; 5 Model-Checking for Collusion; 5.1 Software Model Checking; 5.1.1 Challenges; 5.2 The K Framework; 5.3 A Concrete Semantics for Dalvik Code; 5.3.1 System Configurations; 5.3.2 Smali Instructions; 5.3.3 Semantics for the AndroidTM APIs; 5.3.4 Detecting Collusion on the Concrete Semantics Level; 5.4 An Abstract Semantics for Dalvik; 5.4.1 Detecting Collusion on the Abstract Semantics Level; 5.5 Experimental Results; 5.5.1 Evaluation; 6 Related Work
3.4 Service Detection Filter3.5 Network Behaviour Analyser; 3.6 Service Behaviour Analyser; 3.7 User Behaviour Analyser; 4 Data Generation; 4.1 Existing Data Sets; 4.2 Data Set Emulation; 4.2.1 Test Environment; 4.2.2 Generation of Normal Data; 4.2.3 Generation of Malicious Data; 5 Related Work; Category I; Category II; Category III; 6 Summary and Future Work; References; Human-Machine Decision Support Systemsfor Insider Threat Detection; 1 Introduction; 2 Related Works; 2.1 Models for Understanding the Problem of Insider Threat; 2.2 Approaches for Detecting Insider Threat
2.3 Insider Threat Visualization2.4 Summary of Related Works; 3 Automated Detection of Insider Threats; 3.1 Automated Detection Using User and Role-Based Profile Assessment; 3.2 Validation of Decision Support in Insider Threat Systems; 4 Visual Analytics of Insider Threat Detection; 4.1 Supporting Human Reasoning using Interactive Visual Analytics; 4.2 Active Learning for Insider Threat Detection; 5 Future Directions for Insider Threat Detection; 6 Summary; References; Detecting Malicious Collusion Between Mobile Software Applications: The AndroidTM Case; 1 Introduction; 1.1 Background
4.2.6 Experimental Setup and Validation4.3 Evaluation of Filtering; 4.3.1 Testing the Prolog Filter; 4.3.2 Testing the Probabilistic Filter; 5 Model-Checking for Collusion; 5.1 Software Model Checking; 5.1.1 Challenges; 5.2 The K Framework; 5.3 A Concrete Semantics for Dalvik Code; 5.3.1 System Configurations; 5.3.2 Smali Instructions; 5.3.3 Semantics for the AndroidTM APIs; 5.3.4 Detecting Collusion on the Concrete Semantics Level; 5.4 An Abstract Semantics for Dalvik; 5.4.1 Detecting Collusion on the Abstract Semantics Level; 5.5 Experimental Results; 5.5.1 Evaluation; 6 Related Work