IEEE Transactions on Software Engineering - Special issue on computer security and privacy
Machine Learning
Computer Intrusion Detection and Network Monitoring: A Statistical Viewpoint
Computer Intrusion Detection and Network Monitoring: A Statistical Viewpoint
Machine Learning
How to Make Stacking Better and Faster While Also Taking Care of an Unknown Weakness
ICML '02 Proceedings of the Nineteenth International Conference on Machine Learning
Fusion of multiple classifiers for intrusion detection in computer networks
Pattern Recognition Letters
Reducing multiclass to binary: a unifying approach for margin classifiers
The Journal of Machine Learning Research
The Knowledge Engineering Review
Snort - Lightweight Intrusion Detection for Networks
LISA '99 Proceedings of the 13th USENIX conference on System administration
Intrusion detection using hierarchical neural networks
Pattern Recognition Letters
Fast learning in networks of locally-tuned processing units
Neural Computation
Intrusion detection using fuzzy association rules
Applied Soft Computing
Review: Intrusion detection by machine learning: A review
Expert Systems with Applications: An International Journal
DSS for computer security incident response applying CBR and collaborative response
Expert Systems with Applications: An International Journal
The WEKA data mining software: an update
ACM SIGKDD Explorations Newsletter
Neural visualization of network traffic data for intrusion detection
Applied Soft Computing
Detecting compounded anomalous SNMP situations using cooperative unsupervised pattern recognition
ICANN'05 Proceedings of the 15th international conference on Artificial neural networks: formal models and their applications - Volume Part II
Testing CAB-IDS through mutations: on the identification of network scans
KES'06 Proceedings of the 10th international conference on Knowledge-Based Intelligent Information and Engineering Systems - Volume Part II
Hierarchical Kohonenen net for anomaly detection in network security
IEEE Transactions on Systems, Man, and Cybernetics, Part B: Cybernetics
Hi-index | 0.00 |
In last decades there have been many proposals from the machine learning community in the intrusion detection field. One of the main problems that Intrusion Detection Systems (IDSs) - mainly anomaly-based ones - have to face are those attacks not previously seen (zero-day attacks). This paper proposes a mutation technique to test and evaluate the performance of several classifier ensembles incorporated to network-based IDSs when tackling the task of recognizing such attacks. The technique applies mutant operators that randomly modifies the features of the captured packets to generate situations that otherwise could not be provided to learning IDSs. As an example application for the proposed testing model, it has been specially applied to the identification of network scans and related mutations.