“…Having an initially trusted binary application as input, application‐level intrusion detection systems (app‐IDSs) are specific types of HIDSs try to find anomalous behaviours of the specific application. The approach could be used as a complementary method even if the system is protected by preventive approaches such as binary access control [7], authentication [8], or attestation [9, 10].…”