ALTernatives to Signatures (ALTS)

April 2014 White Paper
George Jones, John Stogoski

This paper presents the results of a study of non-signature-based approaches to detecting malicious activity in computer network traffic.

Publisher: Software Engineering Institute

CMU/SEI Report Number: CERT-CC-2014-35

Abstract

This report by the CERT Coordination Center, part of Carnegie Mellon University's Software Engineering Institute, presents the results of a study of non-signature-based approaches to detecting malicious activity in computer network traffic. Our results are based on a survey of the academic literature on anomaly detection (AD) and interviews with personnel from security operations centers at organizations in key sectors.