Intrusion detection complements prevention mechanisms, such as firewalls, cryptography, and authentication, to capture intrusions into an information system while they are acting on the information system. Our study investigates a multivariate quality control technique to detect intrusions by building a long-term profile of normal activities in information systems (norm profile) and using the norm profile to detect anomalies. The multivariate quality control technique is based on Hotelling's $T^2$ test that detects both counterrelationship anomalies and mean-shift anomalies. The performance of the Hotelling's $T^2$ test is examined on two sets of computer audit data: a small data set and a large multiday data set. Both data sets contain sessions of normal and intrusive activities. For the small data set, the Hotelling's $T^2$ test signals all the intrusion sessions and produces no false alarms for the normal sessions. For the large data set, the Hotelling's $T^2$ test signals 92 percent of the intrusion sessions while producing no false alarms for the normal sessions. The performance of the Hotelling's $T^2$ test is also compared with the performance of a more scalable multivariate technique, a chi-squared distance test.
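The difference between the two tests can be seen on a two-feature norm profile. The sketch below is an added example, not code from the paper: the audit-event counts are constructed, all function names are hypothetical, and the chi-squared distance is assumed to take the form $\sum_i (x_i - \bar{x}_i)^2 / \bar{x}_i$, which the abstract does not spell out.

```python
import random

def norm_profile(rows):
    """Mean vector and sample covariance of two-feature training sessions."""
    n = len(rows)
    mean = [sum(r[i] for r in rows) / n for i in range(2)]
    cov = [[sum((r[i] - mean[i]) * (r[j] - mean[j]) for r in rows) / (n - 1)
            for j in range(2)] for i in range(2)]
    return mean, cov

def hotelling_t2(x, mean, cov):
    """T^2 = (x - mean)^T S^-1 (x - mean), with the 2x2 inverse written out."""
    d0, d1 = x[0] - mean[0], x[1] - mean[1]
    det = cov[0][0] * cov[1][1] - cov[0][1] * cov[1][0]
    return (cov[1][1] * d0 * d0 - 2 * cov[0][1] * d0 * d1
            + cov[0][0] * d1 * d1) / det

def chi_square_distance(x, mean):
    """Assumed form: sum of (x_i - mean_i)^2 / mean_i. No covariance term."""
    return sum((xi - mi) ** 2 / mi for xi, mi in zip(x, mean))

def constructed_normal_sessions(seed=7, n=500):
    """Constructed data: two event counts that rise and fall together."""
    rng = random.Random(seed)
    rows = []
    for _ in range(n):
        load = rng.gauss(50, 8)  # shared activity level drives both counts
        rows.append((load + rng.gauss(0, 1), load + rng.gauss(0, 1)))
    return rows

def demo():
    """Score three constructed sessions against the norm profile."""
    mean, cov = norm_profile(constructed_normal_sessions())
    sessions = {
        "typical": (52, 51),              # close to the profile mean
        "mean_shift": (90, 90),           # both counts far above normal
        "counterrelationship": (58, 42),  # each count plausible, pairing is not
    }
    return {name: (hotelling_t2(x, mean, cov), chi_square_distance(x, mean))
            for name, x in sessions.items()}

if __name__ == "__main__":
    for name, (t2, chi2) in demo().items():
        print(f"{name:20s} T2={t2:8.2f}  chi2={chi2:6.2f}")
```

The counterrelationship session keeps each count within about one standard deviation of its mean, so the chi-squared distance stays small, while $T^2$ is large because the covariance term penalizes the two counts moving in opposite directions.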