Salad (short for Letter Salad) is an efficient and flexible implementation of the well-known anomaly detection method Anagram by Wang et al. (RAID 2006). Salad is based on n-gram models, that is, data is represented as all of its substrings of length n. During training, these n-grams are stored in a Bloom filter. This lets the detector represent a large number of n-grams in little memory while still looking them up efficiently. Salad extends Anagram by allowing various n-gram types, a 2-class version of the detector for classification, and various model analysis modes.
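The following added example, which is not Salad's own code or interface, shows the train-and-score scheme described above in Python: byte n-grams of known-good data go into a Bloom filter, and an input is scored by the fraction of its n-grams the filter has not seen. The class and function names, the filter size, the hash construction and the sample requests are assumptions made for the illustration.

```python
import hashlib

class BloomFilter:
    """Bit array addressed by k hash positions; no false negatives."""
    def __init__(self, bits=1 << 16, hashes=3):
        self.bits, self.hashes = bits, hashes
        self.array = bytearray(bits // 8)

    def _positions(self, item: bytes):
        # Assumed construction: k indices cut from one SHA-256 digest.
        digest = hashlib.sha256(item).digest()
        for i in range(self.hashes):
            yield int.from_bytes(digest[4 * i:4 * i + 4], "big") % self.bits

    def add(self, item: bytes):
        for p in self._positions(item):
            self.array[p >> 3] |= 1 << (p & 7)

    def __contains__(self, item: bytes):
        return all(self.array[p >> 3] & (1 << (p & 7))
                   for p in self._positions(item))

def ngrams(data: bytes, n: int):
    """All substrings of length n (empty list if data is shorter than n)."""
    return [data[i:i + n] for i in range(len(data) - n + 1)]

def train(samples, n=3):
    """Store every n-gram of the training samples in a Bloom filter."""
    model = BloomFilter()
    for sample in samples:
        for gram in ngrams(sample, n):
            model.add(gram)
    return model

def score(model, data: bytes, n=3):
    """Fraction of n-grams unseen in training: 0.0 all known, 1.0 all new."""
    grams = ngrams(data, n)
    if not grams:
        return 0.0  # nothing to judge when the input is shorter than n
    return sum(1 for g in grams if g not in model) / len(grams)

# Constructed sample data standing in for benign traffic.
NORMAL = [b"GET /index.html HTTP/1.1",
          b"GET /images/logo.png HTTP/1.1",
          b"GET /about.html HTTP/1.1"]
MODEL = train(NORMAL)

if __name__ == "__main__":
    for probe in (NORMAL[0], b"GET /index.html HTTP/1.0",
                  b"\x00\x01\xfe\xff\x80\x7f\x10\x9c"):
        print(f"{score(MODEL, probe):.3f}  {probe!r}")
```

A deployment would compare the score against a threshold chosen on held-out data; Bloom filter false positives can only lower a score, never raise it.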
Tags: Scientific Computing Scientific/Engineering
Operating Systems: POSIX Linux Mac OS X Unix Windows
Release Notes: This release adds support for processing network dumps and capturing packets and streams directly from network interfaces. It integrates unit tests, establishes a logging infrastructure for more consistent output, and fixes various bugs.
Release Notes: This release conforms to recent Doxygen and libarchive versions.