Application-Level Unsupervised Outlier-Based Intrusion Detection and Prevention

<table class="algorithm-group"><tr><td><table class="algorithm" id="exp2"><tr><td colspan="2"><span class="monospace">1.0 1.225 0.5 0.5 0.333 0.333 0.0 Thread_1422880298849000568</span></td></tr><tr><td colspan="2"><span class="monospace">0.5 1.853 0.5 1.0 0.143 0.143 0.0 Thread_8140491395022634864</span></td></tr><tr><td colspan="2"><span class="monospace">On each line, features in this order: min path frequency, max </span></td></tr><tr><td colspan="2"><span class="monospace">number variation, max string length</span><span class="monospace"> variation, parameter’s</span></td></tr><tr><td colspan="2"><span class="monospace">JSON </span><span class="monospace">length variation, min 3-gram</span><span class="monospace">f</span><span class="monospace">requency, min 1-gram </span></td></tr><tr><td colspan="2"><span class="monospace">frequency, </span><span class="monospace">exception</span><span class="monospace">(0/1), thread label</span></td></tr></table></td></tr></table>

<div>Features extracted from two sample invocations of <i>process</i> method.</div>

Security and Communication Networks

exp2

Excerpt 2

Excerpt 2: Application-Level Unsupervised Outlier-Based Intrusion Detection and Prevention 