Temporal sequence learning and data reduction for anomaly detection
ACM Transactions on Information and System Security (TISSEC)
Efficient algorithms for mining outliers from large data sets
SIGMOD '00 Proceedings of the 2000 ACM SIGMOD international conference on Management of data
Two state-based approaches to program-based anomaly detection
ACSAC '00 Proceedings of the 16th Annual Computer Security Applications Conference
Anomaly Detection Using Real-Valued Negative Selection
Genetic Programming and Evolvable Machines
Data mining approaches for intrusion detection
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Intrusion detection using sequences of system calls
Journal of Computer Security
Comparative Evaluation of Anomaly Detection Techniques for Sequence Data
ICDM '08 Proceedings of the 2008 Eighth IEEE International Conference on Data Mining
Anomaly detection for symbolic sequences and time series data
Anomaly detection for symbolic sequences and time series data
Data Mining and Knowledge Discovery
Hi-index | 0.00 |
Reference based analysis (RBA) is a novel data mining tool for exploring a test data set with respect to a reference data set. The power of RBA lies in it ability to transform any complex data type, such as symbolic sequences and multi-variate categorical data instances, into a multivariate continuous representation. The transformed representation not only allows visualization of the complex data, which cannot be otherwise visualized in its original form, but also allows enhanced anomaly detection in the transformed feature space. We demonstrate the application of the RBA framework in analyzing system call traces and show how the transformation results in improved intrusion detection performance over state of art data mining based intrusion detection methods developed for system call traces.