This paper details an essential component of a multi-agent distributed knowledge network system for intrusion detection. We describe a distributed intrusion detection architecture, complete with a data warehouse and mobile and stationary agents for distributed problem-solving to facilitate building, monitoring, and analyzing global, spatio-temporal views of intrusions on large distributed systems. An agent for the intrusion detection system, which uses a machine learning approach to automated discovery of concise rules from system call traces, is described. We use a feature vector representation to describe the system calls executed by privileged processes. The feature vectors are labeled as good or bad depending on whether or not they were executed during an observed attack. A rule learning algorithm is then used to induce rules that can be used to monitor the system and detect potential intrusions. We study the performance of the rule learning algorithm on this task with and without feature subset selection using a genetic algorithm. Feature subset selection is shown to significantly reduce the number of features used while improving the accuracy of predictions.