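% Poster paper from HoTSoS 2018 (ACM International Conference Proceeding Series).
% Subject, per the abstract: detecting disabled or tampered system monitors by
% combining alerts from different sets of redundant monitors with Dempster-Shafer
% theory and comparing the results to find outliers.
%
% Maintenance notes:
%  - The citation key looks like an exporter-generated identifier; it is kept
%    unchanged so existing \cite commands keep resolving.
%  - Author names use the "Last, First" form with no braces around given names,
%    so abbreviating styles produce both initials for "William H.".
%  - The conference name, conference dates and copyright notice were moved out of
%    "note" (which styles print verbatim) into eventtitle / eventdate / copyright.
%    Classic BibTeX styles ignore these fields; biblatex reads the event fields.
%  - "address" holds only a country; the publisher city is not given in the record.
@inproceedings{6e7fa55788e24935a31da9cf2b191af5,
  author     = {Thakore, Uttam and Fawaz, Ahmed and Sanders, William H.},
  title      = {Poster: Detecting monitor compromise using evidential reasoning},
  booktitle  = {Proceedings of the 5th Annual Symposium and Bootcamp on Hot Topics in the Science of Security, {HoTSoS} 2018},
  series     = {{ACM} International Conference Proceeding Series},
  publisher  = {Association for Computing Machinery},
  address    = {United States},
  year       = {2018},
  month      = apr,
  day        = {10},
  doi        = {10.1145/3190619.3191693},
  eventtitle = {5th Annual Symposium and Bootcamp on Hot Topics in the Science of Security, {HoTSoS} 2018},
  eventdate  = {2018-04-10/2018-04-11},
  copyright  = {{\textcopyright} 2018 Copyright held by the owner/author(s).},
  language   = {English (US)},
  keywords   = {Evidential reasoning, Intrusion detection, Machine learning, Security},
  abstract   = {Stealthy attackers often disable or tamper with system monitors to hide their tracks and evade detection. In this poster, we present a data-driven technique to detect such monitor compromise using evidential reasoning. Leveraging the fact that hiding from multiple, redundant monitors is difficult for an attacker, to identify potential monitor compromise, we combine alerts from different sets of monitors by using Dempster-Shafer theory, and compare the results to find outliers. We describe our ongoing work in this area.},
}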