Real time data mining-based intrusion detection

W Lee, SJ Stolfo, PK Chan, E Eskin… - … and Exposition II …, 2001 - ieeexplore.ieee.org
We present an overview of our research in real time data mining-based intrusion detection
systems (IDSs). We focus on issues related to deploying a data mining-based IDS in a real …

Probabilistic techniques for intrusion detection based on computer audit data

N Ye, X Li, Q Chen, SM Emran… - IEEE Transactions on …, 2001 - ieeexplore.ieee.org
This paper presents a series of studies on probabilistic properties of activity data in an
information system for detecting intrusions into the information system. Various probabilistic …

Intrusion and intrusion detection

J McHugh - International Journal of Information Security, 2001 - Springer
Assurance technologies for computer security have failed to have significant impacts in the
marketplace, with the result that most of the computers connected to the internet are …

Modeling system calls for intrusion detection with dynamic window sizes

E Eskin, W Lee, SJ Stolfo - Proceedings DARPA Information …, 2001 - ieeexplore.ieee.org
We extend prior research on system call anomaly detection modeling methods for intrusion
detection by incorporating dynamic window sizes. The window size is the length of the …

Markov Chains, Classifiers, and Intrusion Detection.

S Jha, KMC Tan, RA Maxion - csfw, 2001 - pages.cs.wisc.edu
This paper presents a statistical anomaly detection algorithm based on Markov chains. Our
algorithm can be directly applied for intrusion detection by discovering anomalous activities …

A hybrid high-order Markov chain model for computer intrusion detection

WH Ju, Y Vardi - Journal of Computational and Graphical Statistics, 2001 - Taylor & Francis
A hybrid model based mostly on a high-order Markov chain and occasionally on a statistical-
independence model is proposed for profiling command sequences of a computer user in …

Immunology as information processing

S Forrest, SA Hofmeyr - SANTA FE INSTITUTE STUDIES IN THE …, 2001 - books.google.com
This chapter describes the behavior of …

Detection and classification of intrusions and faults using sequences of system calls

JBD Cabrera, L Lewis, RK Mehra - ACM SIGMOD Record, 2001 - dl.acm.org
This paper investigates the use of sequences of system calls for classifying intrusions and
faults induced by privileged processes in Unix. Classification is an essential capability for …

Data mining for network intrusion detection: a comparison of alternative methods

D Zhu, G Premkumar, X Zhang, CH Chu - Decision Sciences, 2001 - Wiley Online Library
Intrusion detection systems help network administrators prepare for and deal with network
security attacks. These systems collect information from a variety of systems and network …

Mining system audit data: Opportunities and challenges

W Lee, W Fan - ACM SIGMOD Record, 2001 - dl.acm.org
Intrusion detection is an essential component of computer security mechanisms. It requires
accurate and efficient analysis of a large amount of system and network audit data. It can …