Novelty detection: a review—part 1: statistical approaches
Signal Processing
Intrusion detection using hierarchical neural networks
Pattern Recognition Letters
Intrusion detection based on organizational coevolutionary fuzzy classifiers
Intelligent information processing II
Outlier detection by active learning
Proceedings of the 12th ACM SIGKDD international conference on Knowledge discovery and data mining
Outlier detection by sampling with accuracy guarantees
Proceedings of the 12th ACM SIGKDD international conference on Knowledge discovery and data mining
Intrusion detection using a fuzzy genetics-based learning algorithm
Journal of Network and Computer Applications - Special issue: Network and information security: A computational intelligence approach
Hybrid Intrusion Detection with Weighted Signature Generation over Anomalous Internet Episodes
IEEE Transactions on Dependable and Secure Computing
Why machine learning algorithms fail in misuse detection on KDD intrusion detection data set
Intelligent Data Analysis
A parallel genetic local search algorithm for intrusion detection in computer networks
Engineering Applications of Artificial Intelligence
Network Anomaly Detection Based on DSOM and ACO Clustering
ISNN '07 Proceedings of the 4th international symposium on Neural Networks: Part II--Advances in Neural Networks
PAKDD '09 Proceedings of the 13th Pacific-Asia Conference on Advances in Knowledge Discovery and Data Mining
ACM Computing Surveys (CSUR)
Comparison of BPL and RBF network in intrusion detection system
RSFDGrC'03 Proceedings of the 9th international conference on Rough sets, fuzzy sets, data mining, and granular computing
Design and analysis of genetic fuzzy systems for intrusion detection in computer networks
Expert Systems with Applications: An International Journal
USAID: unifying signature-based and anomaly-based intrusion detection
PAKDD'05 Proceedings of the 9th Pacific-Asia conference on Advances in Knowledge Discovery and Data Mining
Intrusion detection based on dynamic self-organizing map neural network clustering
ISNN'05 Proceedings of the Second international conference on Advances in Neural Networks - Volume Part III
Object detection in video using Lorenz information measure and discrete wavelet transform
Proceedings of the International Conference on Advances in Computing, Communications and Informatics
| Hi-index | 0.00 |
Intrusion detection systems (IDSs) must be capable of detecting new and unknown attacks, or anomalies. We study the problem of building detection models for both pure anomaly detection and combined misuse and anomaly detection (i.e., detection of both known and unknown intrusions). We propose an algorithm to generate artificial anomalies to coerce the inductive learner into discovering an accurate boundary between known classes (normal connections and known intrusions) and anomalies.Empirical studies show that our pure anomaly detection model trained using nor al and artificial anomalies is capable of detecting ore than 77%of all unknown intrusion classes with more than 50%accuracy per intrusion class. The combined misuse and anomaly detection models are as accurate as a pure misuse detection model in detecting known intrusions and are capable of detecting at least 50%of unknown intrusion classes with accuracy measurements between 75% and 100%per class.