Selecting useful measures and generating rules for detecting attacks from network data are very difficult tasks. Expert experience is commonly required to generate the detection rules. If the rules are generated automatically, we can reduce the manpower, management expense, and complexity of intrusion detection systems. In this paper, we propose two methods for generating the detection rules. The first is a statistical method based on relative entropy, which is used to select the measures that are useful for generating accurate rules. The second is a decision tree algorithm based on entropy theory, which generates the detection rules automatically. We also propose a method for converting continuous measures into categorical measures, because continuous measures are hard to analyze. As a result, the detection rules for attacks are generated automatically, without relying on expert experience. We also selected the useful measures using the proposed method.
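The measure-selection step described above can be sketched as follows. This is an added example, not code from the paper: it bins each continuous measure into categories and ranks the measures by the relative entropy between attack and normal traffic. The measure names, bin edges, sample records, Laplace smoothing and the direction D(attack || normal) are all assumptions made for illustration.

```python
import math
from bisect import bisect_left
from collections import Counter

# Constructed sample records; measure names and bin edges are hypothetical.
NORMAL = [
    {"syn_per_sec": 2, "duration_s": 12.0, "ttl": 64}, {"syn_per_sec": 1, "duration_s": 0.4, "ttl": 128},
    {"syn_per_sec": 3, "duration_s": 35.0, "ttl": 64}, {"syn_per_sec": 5, "duration_s": 3.1, "ttl": 57},
    {"syn_per_sec": 2, "duration_s": 0.8, "ttl": 128}, {"syn_per_sec": 4, "duration_s": 8.5, "ttl": 64},
]
ATTACK = [
    {"syn_per_sec": 900, "duration_s": 0.1, "ttl": 64}, {"syn_per_sec": 450, "duration_s": 0.2, "ttl": 128},
    {"syn_per_sec": 1200, "duration_s": 0.1, "ttl": 57}, {"syn_per_sec": 700, "duration_s": 0.3, "ttl": 64},
    {"syn_per_sec": 8, "duration_s": 0.2, "ttl": 128}, {"syn_per_sec": 300, "duration_s": 0.5, "ttl": 64},
]
BIN_EDGES = {"syn_per_sec": [10, 100], "duration_s": [1.0, 10.0], "ttl": [64, 128]}


def discretize(value, edges):
    """Continuous value -> categorical bin index; edges are ascending upper bounds."""
    return bisect_left(edges, value)


def relative_entropy(p_items, q_items, n_bins, alpha=1.0):
    """D(P || Q) in bits between two categorical samples.

    Laplace smoothing (alpha) keeps a bin unseen in Q from giving an infinite result.
    """
    p_cnt, q_cnt = Counter(p_items), Counter(q_items)
    p_tot = len(p_items) + alpha * n_bins
    q_tot = len(q_items) + alpha * n_bins
    d = 0.0
    for b in range(n_bins):
        p = (p_cnt[b] + alpha) / p_tot
        q = (q_cnt[b] + alpha) / q_tot
        d += p * math.log2(p / q)
    return d


def rank_measures(normal, attack, bin_edges):
    """Return (measure, score) pairs, most discriminating measure first."""
    scores = {}
    for name, edges in bin_edges.items():
        attack_bins = [discretize(r[name], edges) for r in attack]
        normal_bins = [discretize(r[name], edges) for r in normal]
        scores[name] = relative_entropy(attack_bins, normal_bins, len(edges) + 1)
    return sorted(scores.items(), key=lambda kv: kv[1], reverse=True)
```

A measure whose binned distribution is the same in both classes scores zero and is a candidate to drop before rule generation.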