Typed linear chain conditional random fields and their application to intrusion detection

Authors:
Carsten Elfers;Mirko Horstmann;Karsten Sohr;Otthein Herzog
Affiliations:
Center for Computing and Communication Technologies, Bremen, Germany;Center for Computing and Communication Technologies, Bremen, Germany;Center for Computing and Communication Technologies, Bremen, Germany;Center for Computing and Communication Technologies, Bremen, Germany
Venue:
IDEAL'10 Proceedings of the 11th international conference on Intelligent data engineering and automated learning
Year:
2010

Citing 10
Cited 0

Conditional Random Fields: Probabilistic Models for Segmenting and Labeling Sequence Data

ICML '01 Proceedings of the Eighteenth International Conference on Machine Learning
Relational Markov models and their application to adaptive web navigation

Proceedings of the eighth ACM SIGKDD international conference on Knowledge discovery and data mining
Applications of Hidden Markov Models to Detecting Multi-Stage Network Attacks

HICSS '03 Proceedings of the 36th Annual Hawaii International Conference on System Sciences (HICSS'03) - Track 9 - Volume 9
Attack Plan Recognition and Prediction Using Causal Networks

ACSAC '04 Proceedings of the 20th Annual Computer Security Applications Conference
Improving the quality of alerts and predicting intruder's next goal with Hidden Colored Petri-Net

Computer Networks: The International Journal of Computer and Telecommunications Networking
Conditional Random Fields for Intrusion Detection

AINAW '07 Proceedings of the 21st International Conference on Advanced Information Networking and Applications Workshops - Volume 01
Multi-Stage Intrusion Detection System Using Hidden Markov Model Algorithm

ICISS '08 Proceedings of the 2008 International Conference on Information Science and Security
Principled reasoning and practical applications of alert fusion in intrusion detection systems

Proceedings of the 2008 ACM symposium on Information, computer and communications security
Layered Approach Using Conditional Random Fields for Intrusion Detection

IEEE Transactions on Dependable and Secure Computing
Similarity-based alignment and generalization

ECML'05 Proceedings of the 16th European conference on Machine Learning

Quantified Score

Hi-index	0.00

Visualization

Abstract

Intrusion detection in computer networks faces the problem of a large number of both false alarms and unrecognized attacks. To improve the precision of detection, various machine learning techniques have been proposed. However, one critical issue is that the amount of reference data that contains serious intrusions is very sparse. In this paper we present an inference process with linear chain conditional random fields that aims to solve this problem by using domain knowledge about the alerts of different intrusion sensors represented in an ontology.