Handbook of logic in artificial intelligence and logic programming (vol. 3)
Specification-based anomaly detection: a new approach for detecting network intrusions
Proceedings of the 9th ACM conference on Computer and communications security
Anomaly Detection over Noisy Data using Learned Probability Distributions
ICML '00 Proceedings of the Seventeenth International Conference on Machine Learning
Optimal Pattern Matching on Meshes
STACS '94 Proceedings of the 11th Annual Symposium on Theoretical Aspects of Computer Science
The relationship between Precision-Recall and ROC curves
ICML '06 Proceedings of the 23rd international conference on Machine learning
Network anomaly detection with incomplete audit data
Computer Networks: The International Journal of Computer and Telecommunications Networking
A logic of graded possibility and certainty coping with partial inconsistency
UAI'91 Proceedings of the Seventh conference on Uncertainty in Artificial Intelligence
A set of approaches to evaluate and address the accuracy problem in intrusion detection systems
A set of approaches to evaluate and address the accuracy problem in intrusion detection systems
| Hi-index | 0.00 |
One of the challenges of intrusion detectors is their ability to function properly in an imperfect and uncertain environment. In an imperfect environment, observed events do not always correspond to real events, and real events may stay unobserved. In uncertain environment, the lack of information leads to uncertainty about observed and unobserved events. In this paper, we present a new intrusion detection approach called PIDS (Possibilistic Intrusion Detection System) that can deal both with imperfection---using a model of the logging mechanism called the logging protocol---and uncertainty---using hypothesis about that logging protocol expressed in possibilistic logic. We present a prototype implementation of this new approach along with some preliminary experiments that analyze PIDS behavior when dealing with imperfection.