Intrusion detection is an essential component of the layered computer security mechanisms. It requires accurate and efficient models for analyzing a large amount of system and network audit data. This paper is an overview of our research in applying data mining techniques to build intrusion detection models. We describe a framework for mining patterns from system and network audit data, and constructing features according to analysis of intrusion patterns. We discuss approaches for improving the run-time efficiency as well as the credibility of detection models. We report the ideas, algorithms, and prototype systems we have developed, and discuss open research problems.