Many different demands can be made of intrusion detection systems. An important requirement is that such a system be effective, i.e. that it should detect a substantial percentage of intrusions into the supervised system while still keeping the false alarm rate at an acceptable level. This paper aims to demonstrate that, for a reasonable set of assumptions, the false alarm rate is the limiting factor for the performance of an intrusion detection system. This is due to the base-rate fallacy phenomenon: in order to achieve substantial values of the Bayesian detection rate, P(Intrusion|Alarm), we have to achieve a (perhaps unattainably) low false alarm rate. A selection of reports of intrusion detection performance is reviewed, and the conclusion is reached that there are indications that at least some types of intrusion detection have far to go before they can attain such low false alarm rates.
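The relationship the abstract describes can be worked through with Bayes' theorem. The following is an added example, not code or figures from the paper: it computes P(Intrusion|Alarm), inverts the formula to get the largest false alarm rate that still meets a target, and counts the alarms an analyst would see. The base rate, detection rate, false alarm rate and event volume are constructed sample values, and the function names are hypothetical.

```python
from fractions import Fraction

def bayesian_detection_rate(base_rate, detection_rate, false_alarm_rate):
    """P(Intrusion|Alarm) from P(Intrusion), P(Alarm|Intrusion), P(Alarm|no intrusion)."""
    true_alarms = detection_rate * base_rate
    false_alarms = false_alarm_rate * (1 - base_rate)
    if true_alarms + false_alarms == 0:
        raise ValueError("detector never raises an alarm")
    return true_alarms / (true_alarms + false_alarms)

def max_false_alarm_rate(base_rate, detection_rate, target):
    """Largest P(Alarm|no intrusion) for which P(Intrusion|Alarm) >= target.

    Obtained by solving the Bayes expression above for the false alarm rate.
    """
    if not 0 < base_rate < 1 or not 0 < target <= 1:
        raise ValueError("base_rate must be in (0, 1) and target in (0, 1]")
    return detection_rate * base_rate * (1 - target) / (target * (1 - base_rate))

def alarm_breakdown(events, base_rate, detection_rate, false_alarm_rate):
    """Expected (true alarms, false alarms) over a number of audited events."""
    intrusions = events * base_rate
    true_alarms = intrusions * detection_rate
    false_alarms = (events - intrusions) * false_alarm_rate
    return true_alarms, false_alarms

# Constructed sample values (assumptions, not taken from the page):
BASE_RATE = Fraction(2, 100_000)     # 2 intrusive events per 100,000 audited
DETECTION_RATE = Fraction(1)         # a detector that misses nothing
FALSE_ALARM_RATE = Fraction(1, 1000) # 0.1% of benign events raise an alarm
EVENTS = 1_000_000

if __name__ == "__main__":
    p = bayesian_detection_rate(BASE_RATE, DETECTION_RATE, FALSE_ALARM_RATE)
    print(f"P(Intrusion|Alarm) = {float(p):.4f}")
    tp, fp = alarm_breakdown(EVENTS, BASE_RATE, DETECTION_RATE, FALSE_ALARM_RATE)
    print(f"true alarms: {float(tp):.0f}, false alarms: {float(fp):.2f}")
    for target in (Fraction(1, 2), Fraction(9, 10), Fraction(99, 100)):
        bound = max_false_alarm_rate(BASE_RATE, DETECTION_RATE, target)
        print(f"target {float(target):.2f} needs false alarm rate <= {float(bound):.2e}")
```

Even with a perfect detection rate, the constructed 0.1% false alarm rate leaves fewer than 2% of alarms pointing at real intrusions, because benign events outnumber intrusive ones so heavily.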