Intrusion detection systems: A survey and taxonomy

S Axelsson - 2000 - Citeseer
This paper presents a taxonomy of intrusion detection systems that is then used to survey
and classify a number of research prototypes. The taxonomy consists of a classification first …

Intrusion detection with unlabeled data using clustering

L Portnoy - 2000 - academiccommons.columbia.edu
Intrusions pose a serious security threat in a network environment, and therefore need to be
promptly detected and dealt with. New intrusion types, of which detection systems may not …

The base-rate fallacy and the difficulty of intrusion detection

S Axelsson - ACM Transactions on Information and System Security …, 2000 - dl.acm.org
Many different demands can be made of intrusion detection systems. An important
requirement is that an intrusion detection system be effective; that is, it should detect a …

A framework for constructing features and models for intrusion detection systems

W Lee, SJ Stolfo - ACM transactions on Information and system security …, 2000 - dl.acm.org
Intrusion detection (ID) is an important component of infrastructure protection mechanisms.
Intrusion detection systems (IDSs) need to be accurate, adaptive, and extensible. Given …

Information-theoretic measures for anomaly detection

W Lee, D Xiang - … 2001 IEEE Symposium on Security and …, 2000 - ieeexplore.ieee.org
Anomaly detection is an essential component of protection mechanisms against novel
attacks. We propose to use several information-theoretic measures, namely, entropy …

A fast automaton-based method for detecting anomalous program behaviors

R Sekar, M Bendre, D Dhurjati… - Proceedings 2001 IEEE …, 2000 - ieeexplore.ieee.org
Anomaly detection on system call sequences has become perhaps the most successful
approach for detecting novel intrusions. A natural way for learning sequences is to use a …

Adaptive, model-based monitoring for cyber attack detection

A Valdes, K Skinner - Recent Advances in Intrusion Detection: Third …, 2000 - Springer
Inference methods for detecting attacks on information resources typically use signature
analysis or statistical anomaly detection methods. The former have the advantage of attack …

Automated Response Using System-Call Delay

A Somayaji, S Forrest - 9th USENIX security symposium (USENIX …, 2000 - usenix.org
Automated intrusion response is an important unsolved problem in computer security. A
system called pH (for process homeostasis) is described which can successfully detect and …

A real-time intrusion detection system based on learning program behavior

AK Ghosh, C Michael, M Schatz - International Workshop on Recent …, 2000 - Springer
In practice, most computer intrusions begin by misusing programs in clever ways to obtain
unauthorized higher levels of privilege. One effective way to detect intrusive activity before …

Intrusion detection in real-time database systems via time signatures

VCS Lee, JA Stankovic, SH Son - Proceedings Sixth IEEE Real …, 2000 - ieeexplore.ieee.org
The authors describe a method for intrusion detection applied to real time database systems.
The novel idea pursued in this study is to exploit the real time properties of data in intrusion …