Mining in a data-flow environment: experience in network intrusion detection
KDD '99 Proceedings of the fifth ACM SIGKDD international conference on Knowledge discovery and data mining
The 1999 DARPA off-line intrusion detection evaluation
Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on recent advances in intrusion detection systems
Anomaly-based intrusion detection: privacy concerns and other problems
Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on recent advances in intrusion detection systems
Detecting masquerades in intrusion detection based on unpopular commands
Information Processing Letters
A framework for constructing features and models for intrusion detection systems
ACM Transactions on Information and System Security (TISSEC)
Multivariate Statistical Analysis of Audit Trails for Host-Based Intrusion Detection
IEEE Transactions on Computers
Learning nonstationary models of normal network traffic for detecting novel attacks
Proceedings of the eighth ACM SIGKDD international conference on Knowledge discovery and data mining
Fusion of multiple classifiers for intrusion detection in computer networks
Pattern Recognition Letters
Network traffic anomaly detection based on packet bytes
Proceedings of the 2003 ACM symposium on Applied computing
Efficient packet classification for network intrusion detection using FPGA
Proceedings of the 2005 ACM/SIGDA 13th international symposium on Field-programmable gate arrays
Intrusion detection using an ensemble of intelligent paradigms
Journal of Network and Computer Applications - Special issue on computational intelligence on the internet
Modeling intrusion detection system using hybrid intelligent systems
Journal of Network and Computer Applications - Special issue: Network and information security: A computational intelligence approach
Network anomaly detection with incomplete audit data
Computer Networks: The International Journal of Computer and Telecommunications Networking
Processing of massive audit data streams for real-time anomaly intrusion detection
Computer Communications
Anomaly detection methods in wired networks: a survey and taxonomy
Computer Communications
Accelerating network security services with fast packet classification
Computer Communications
Intrusion detection system for high-speed network
Computer Communications
Intrusion detection through learning behavior model
Computer Communications
Intrusion detection techniques and approaches
Computer Communications
Practical real-time intrusion detection using machine learning approaches
Computer Communications
Hi-index | 0.24 |
Exploit code based on system vulnerability is often used by attacker. Such exploit program often sends attack packets in the first few packets. A Lightweight Network Intrusion Detection system (LNID) is proposed for detecting such attacks on Telnet traffic. It characterizes normal traffic behavior and computes the anomaly score of a packet based on the deviation from the normal behavior. Instead of processing all traffic packets, an efficient filtering scheme proposed in the study can reduce system workload and only 0.3% of the original traffic volume is examined for anomaly. According to the performance comparisons with other network-based IDS, LNID is the most efficient on detection rate and workload reduction.