IEEE Transactions on Software Engineering - Special issue on computer security and privacy
State Transition Analysis: A Rule-Based Intrusion Detection Approach
IEEE Transactions on Software Engineering
Using predictive prefetching to improve World Wide Web latency
ACM SIGCOMM Computer Communication Review
On the classification of interactive user behaviour indices
SIGMETRICS '85 Proceedings of the 1985 ACM SIGMETRICS conference on Measurement and modeling of computer systems
Temporal sequence learning and data reduction for anomaly detection
ACM Transactions on Information and System Security (TISSEC)
Towards a taxonomy of intrusion-detection systems
Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on computer network security
Learning Program Behavior Profiles for Intrusion Detection
Proceedings of the Workshop on Intrusion Detection and Network Monitoring
Automated Intrusion Detection Using NFR: Methods and Experiences
Proceedings of the Workshop on Intrusion Detection and Network Monitoring
Intelligent Prefetch in WWW Using Client Behavior Characterization
MASCOTS '00 Proceedings of the 8th International Symposium on Modeling, Analysis and Simulation of Computer and Telecommunication Systems
Experiments in UNIX command prediction
AAAI'97/IAAI'97 Proceedings of the fourteenth national conference on artificial intelligence and ninth conference on Innovative applications of artificial intelligence
Security in wireless mobile and sensor networks
Wireless communications systems and networks
Review: Intrusion detection by machine learning: A review
Expert Systems with Applications: An International Journal
Review: The use of computational intelligence in intrusion detection systems: A review
Applied Soft Computing
An efficient network intrusion detection
Computer Communications
Anomaly detection of masquerders based upon typing biometrics and probabilistic neural network
Journal of Computing Sciences in Colleges
Content-based methodology for anomaly detection on the web
AWIC'03 Proceedings of the 1st international Atlantic web intelligence conference on Advances in web intelligence
An intrusion detection based on support vector machines with a voting weight schema
IEA/AIE'07 Proceedings of the 20th international conference on Industrial, engineering, and other applications of applied intelligent systems
The use of artificial intelligence based techniques for intrusion detection: a review
Artificial Intelligence Review
Effective intrusion type identification with edit distance for HMM-Based anomaly detection system
PReMI'05 Proceedings of the First international conference on Pattern Recognition and Machine Intelligence
User modelling for exclusion and anomaly detection: a behavioural intrusion detection system
UMAP'10 Proceedings of the 18th international conference on User Modeling, Adaptation, and Personalization
A survey of anomaly intrusion detection techniques
Journal of Computing Sciences in Colleges
Characterizing User Behavior in a European Academic WiFi Network
International Journal of Handheld Computing Research
Engineering Applications of Artificial Intelligence
Hi-index | 0.25 |
Intrusion detection is the process of identifying user actions that might potentially lead a system from a secured state to a compromised state. Normally, it is observed that the users exhibit regularities in their usage of commands of a system, as they tend to achieve the same (or perhaps similar) objective. The command sequences can therefore be used to characterize the user behavior (ACM SIGMETRICS, Performance Evaluation Review, Texas, USA, 13(2) (1985) 40). Deviations from the characteristic behavior pattern of a user can be used to detect potential intrusions. But, it requires that the user behavior is modeled either on an individual or on a group basis, in such a way that the model captures the essence of the user behavior. In this work reported here, we propose an algorithm for intrusion detection, called Genetic algorithm Based Intrusion Detector (GBID) based on ''learning the individual user behavior''. The user behavior is learnt by using genetic algorithms. Current user behavior can be predicted by genetic algorithms based on the past observed user behavior. The user behavior has been described using a 3-tuple . Value of the 3-tuple is calculated for fixed block size of commands in a user session, called command sample. The 3-tuple value of a command sample in user session are compared with expected non-intrusive behavior 3-tuple value to find intrusions.