Many different demands can be made of intrusion detection systems. An important requirement is that an intrusion detection system be effective; that is, it should detect a substantial percentage of intrusions into the supervised system, while still keeping the false alarm rate at an acceptable level. This article demonstrates that, for a reasonable set of assumptions, the false alarm rate is the limiting factor for the performance of an intrusion detection system. This is due to the base-rate fallacy phenomenon: in order to achieve substantial values of the Bayesian detection rate P(Intrusion|Alarm), we have to achieve a (perhaps in some cases unattainably) low false alarm rate. A selection of reports of intrusion detection performance is reviewed, and the conclusion is reached that there are indications that at least some types of intrusion detection have far to go before they can attain such low false alarm rates.
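
The relationship described in the abstract, as an added example that is not taken from the article: Bayes' theorem gives P(Intrusion|Alarm) from the base rate, the detection rate and the false alarm rate, and solving it for the false alarm rate shows how low that rate must be. The function names, the base rate, the detection rate and the event volume are assumptions constructed for illustration.

```python
"""Added illustration of the base-rate fallacy for alarms (constructed numbers)."""


def bayesian_detection_rate(base_rate, detection_rate, false_alarm_rate):
    """Return P(Intrusion | Alarm) by Bayes' theorem.

    base_rate        = P(Intrusion)            share of events that are intrusive
    detection_rate   = P(Alarm | Intrusion)
    false_alarm_rate = P(Alarm | no Intrusion)
    """
    for p in (base_rate, detection_rate, false_alarm_rate):
        if not 0.0 <= p <= 1.0:
            raise ValueError("probabilities must lie in [0, 1]")
    true_alarms = base_rate * detection_rate
    false_alarms = (1.0 - base_rate) * false_alarm_rate
    if true_alarms + false_alarms == 0.0:
        raise ValueError("no alarm is ever raised, so P(Intrusion | Alarm) is undefined")
    return true_alarms / (true_alarms + false_alarms)


def max_false_alarm_rate(base_rate, detection_rate, target):
    """Largest false alarm rate that still yields P(Intrusion | Alarm) >= target.

    Obtained by solving Bayes' theorem for the false alarm rate.
    """
    if not (0.0 < base_rate < 1.0 and 0.0 < target <= 1.0):
        raise ValueError("need 0 < base_rate < 1 and 0 < target <= 1")
    return base_rate * detection_rate * (1.0 - target) / (target * (1.0 - base_rate))


def daily_alarm_mix(events_per_day, base_rate, detection_rate, false_alarm_rate):
    """Expected (true alarms, false alarms) per day for a given event volume."""
    true_alarms = events_per_day * base_rate * detection_rate
    false_alarms = events_per_day * (1.0 - base_rate) * false_alarm_rate
    return true_alarms, false_alarms


if __name__ == "__main__":
    # Constructed scenario (assumption): 1 intrusive event per 100,000,
    # a detector that never misses, and 1,000,000 audited events per day.
    base, detect, volume = 1e-5, 1.0, 1_000_000
    for far in (1e-2, 1e-3, 1e-4, 1e-5):
        ppv = bayesian_detection_rate(base, detect, far)
        hits, noise = daily_alarm_mix(volume, base, detect, far)
        print(f"false alarm rate {far:.0e}: P(I|A) = {ppv:.4f}, "
              f"{hits:.0f} true vs {noise:.0f} false alarms/day")
    print("needed for P(I|A) >= 0.5:", max_false_alarm_rate(base, detect, 0.5))
```

Under these assumed inputs, a detector that never misses but has a false alarm rate of 0.001 produces alarms of which fewer than 1% correspond to real intrusions.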