Using Artificial Intelligence for Intrusion Detection

Authors:
François Gagnon;Babak Esfandiari
Affiliations:
Network Management and Artificial Intelligence Laboratory Carleton University, Canada;Network Management and Artificial Intelligence Laboratory Carleton University, Canada
Venue:
Proceedings of the 2007 conference on Emerging Artificial Intelligence Applications in Computer Engineering: Real Word AI Systems with Applications in eHealth, HCI, Information Retrieval and Pervasive Technologies
Year:
2007

Citing 17
Cited 0

The base-rate fallacy and the difficulty of intrusion detection

ACM Transactions on Information and System Security (TISSEC)
Intrusion detection using autonomous agents

Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on recent advances in intrusion detection systems
Machine Learning

Machine Learning
Knowledge Representation, Reasoning, and Declarative Problem Solving

Knowledge Representation, Reasoning, and Declarative Problem Solving
Mimicry attacks on host-based intrusion detection systems

Proceedings of the 9th ACM conference on Computer and communications security
MEF: Malicious Email Filter - A UNIX Mail Filter That Detects Malicious Windows Executables

Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference
"Why 6?" Defining the Operational Limits of Stide, an Anomaly-Based Intrusion Detector

SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
The Multi-Agent Systems for Computer Network Security Assurance: Frameworks and Case Studies

ICAIS '02 Proceedings of the 2002 IEEE International Conference on Artificial Intelligence Systems (ICAIS'02)
A Sense of Self for Unix Processes

SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
Lightweight agents for intrusion detection

Journal of Systems and Software
Snort - Lightweight Intrusion Detection for Networks

LISA '99 Proceedings of the 13th USENIX conference on System administration
Detecting mass-mailing worm infected hosts by mining DNS traffic data

Proceedings of the 2005 ACM SIGCOMM workshop on Mining network data
ScriptGen: an automated script generation tool for honeyd

ACSAC '05 Proceedings of the 21st Annual Computer Security Applications Conference
Automatic Evaluation of Intrusion Detection Systems

ACSAC '06 Proceedings of the 22nd Annual Computer Security Applications Conference
Automated worm fingerprinting

OSDI'04 Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation - Volume 6
Autograph: toward automated, distributed worm signature detection

SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Anagram: a content anomaly detector resistant to mimicry attack

RAID'06 Proceedings of the 9th international conference on Recent Advances in Intrusion Detection

Quantified Score

Hi-index	0.00

Visualization

Abstract

Artificial intelligence is playing an increasingly important role in network management. In particular, research in the area of intrusion detection relies extensively on AI techniques to design, implement, and enhance security monitoring systems. This chapter discusses ways in which intrusion detection uses or could use AI. Some general ideas are presented and some actual systems are discussed. The focus is mainly on knowledge representation, machine learning, and multi-agent architectures.