The application and development of specialized machine learning techniques are gaining increasing attention in the intrusion detection community. A variety of learning techniques proposed for different intrusion detection problems can be roughly classified into two broad categories: supervised (classification) and unsupervised (anomaly detection and clustering). In this contribution, we develop an experimental framework for comparative analysis of both kinds of learning techniques. In our framework, we cast unsupervised techniques into a special case of classification, for which training and model selection can be performed by means of ROC analysis. We then investigate both kinds of learning techniques with respect to their detection accuracy and ability to detect unknown attacks.