Location
https://www.kennesaw.edu/ccse/events/computing-showcase/fa25-cday-program.php
Document Type
Event
Start Date
24-11-2025 4:00 PM
Description
Protecting endpoints has become increasingly challenging, as adversaries have been effective at bypassing defenses. Traditional signature-based host-based IDS performs quite well at recognizing known patterns but often struggles with previously unseen activity. This study combines deep neural sequence modeling with classic OS telemetry to flag novel behavior in Linux system-call traces. The design pairs a sequence encoder over syscall streams with lightweight statistical signals derived from process activity. We believe that our hybrid neural network approach will outperform conventional baselines and boost recall on unknown attacks while maintaining low false-positive rates, providing a practical and reproducible path to stronger host intrusion detection.
Included in
GRP-20236 Zero-Day Host-Based Intrusion Detection via Hybrid Deep Sequence Modeling of System Calls