Here are the refereed proceedings of the 10th International Symposium on Recent Advances in Intrusion Detection. The 17 full papers were carefully reviewed. Each one represents an important contribution to the study of intrusion detection. Papers cover anomaly detection, attacks, system evaluation and threat assessment, malware collection and analysis, anomaly- and specification-based detection, and network intrusion detection.

Host-Based Intrusion Detection.- Exploiting Execution Context for the Detection of Anomalous System Calls.- Understanding Precision in Host Based Intrusion Detection.- Anomaly-Based Intrusion Detection.- Comparing Anomaly Detection Techniques for HTTP.- Swaddler: An Approach for the Anomaly-Based Detection of State Violations in Web Applications.- Network-Based Intrusion Detection and Response.- Emulation-Based Detection of Non-self-contained Polymorphic Shellcode.- The NIDS Cluster: Scalable, Stateful Network Intrusion Detection on Commodity Hardware.- Cost-Sensitive Intrusion Responses for Mobile Ad Hoc Networks.- Insider Detection and Alert Correlation.- elicit: A System for Detecting Insiders Who Violate Need-to-Know.- On the Use of Different Statistical Tests for Alert Correlation - Short Paper.- Malicious Code Analysis.- Automated Classification and Analysis of Internet Malware.- "Out-of-the-Box" Monitoring of VM-Based High-Interaction Honeypots.- A Forced Sampled Execution Approach to Kernel Rootkit Identification.- Evasion.- Advanced Allergy Attacks: Does a Corpus Really Help?.- Alert Verification Evasion Through Server Response Forging.- Malicious Code Defense.- Hit-List Worm Detection and Bot Identification in Large Networks Using Protocol Graphs.- SpyShield: Preserving Privacy from Spy Add-Ons.- Vortex: Enabling Cooperative Selective Wormholing for Network Security Systems.