ADMIT: anomaly-based data mining for intrusions

Authors:
Karlton Sequeira;Mohammed Zaki
Affiliations:
Rensselaer Polytechnic Institute, Troy, New York;Rensselaer Polytechnic Institute, Troy, New York
Venue:
Proceedings of the eighth ACM SIGKDD international conference on Knowledge discovery and data mining
Year:
2002

Citing 9
Cited 38

An Intrusion-Detection Model

IEEE Transactions on Software Engineering - Special issue on computer security and privacy
Introduction to algorithms

Introduction to algorithms
Instance-Based Learning Algorithms

Machine Learning
Temporal sequence learning and data reduction for anomaly detection

ACM Transactions on Information and System Security (TISSEC)
Detection and classification of intrusions and faults using sequences of system calls

ACM SIGMOD Record
An Architecture for Intrusion Detection Using Autonomous Agents

ACSAC '98 Proceedings of the 14th Annual Computer Security Applications Conference
Machine learning techniques for the computer security domain of anomaly detection

Machine learning techniques for the computer security domain of anomaly detection
Data mining approaches for intrusion detection

SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Intrusion detection using sequences of system calls

Journal of Computer Security

Towards NIC-based intrusion detection

Proceedings of the ninth ACM SIGKDD international conference on Knowledge discovery and data mining
A boosting genetic fuzzy classifier for intrusion detection using data mining techniques for rule pre-screening

Design and application of hybrid intelligent systems
User re-authentication via mouse movements

Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security
A Services Oriented Framework for Next Generation Data Analysis Centers

IPDPS '05 Proceedings of the 19th IEEE International Parallel and Distributed Processing Symposium (IPDPS'05) - Workshop 10 - Volume 11
Fast Distributed Outlier Detection in Mixed-Attribute Data Sets

Data Mining and Knowledge Discovery
Computational aspects of mining maximal frequent patterns

Theoretical Computer Science
Adaptive anomaly detection with evolving connectionist systems

Journal of Network and Computer Applications - Special issue: Network and information security: A computational intelligence approach
Intrusion detection by integrating boosting genetic fuzzy classifier and data mining criteria for rule pre-screening

Journal of Network and Computer Applications - Special issue: Network and information security: A computational intelligence approach
Adaptive real-time anomaly detection with incremental clustering

Information Security Tech. Report
An overview of anomaly detection techniques: Existing solutions and latest technological trends

Computer Networks: The International Journal of Computer and Telecommunications Networking
A new intrusion detection system using support vector machines and hierarchical clustering

The VLDB Journal — The International Journal on Very Large Data Bases
Answering form-based web queries using the data-mining approach

Journal of Intelligent Information Systems
Fast mining of distance-based outliers in high-dimensional datasets

Data Mining and Knowledge Discovery
Fast detection of database system abuse behaviors based on data mining approach

Proceedings of the 2nd international conference on Scalable information systems
Projected outlier detection in high-dimensional mixed-attributes data set

Expert Systems with Applications: An International Journal
Parameterless outlier detection in data streams

Proceedings of the 2009 ACM symposium on Applied Computing
A Multi-resolution Approach for Atypical Behaviour Mining

PAKDD '09 Proceedings of the 13th Pacific-Asia Conference on Advances in Knowledge Discovery and Data Mining
Anomaly detection: A survey

ACM Computing Surveys (CSUR)
The Needles-in-Haystack Problem

MLDM '09 Proceedings of the 6th International Conference on Machine Learning and Data Mining in Pattern Recognition
Anomaly detection and diagnosis algorithms for discrete symbol sequences with applications to airline safety

IEEE Transactions on Systems, Man, and Cybernetics, Part C: Applications and Reviews
Content-based methodology for anomaly detection on the web

AWIC'03 Proceedings of the 1st international Atlantic web intelligence conference on Advances in web intelligence
A hybrid fraud scoring and spike detection technique in streaming data

Intelligent Data Analysis
Atypicity detection in data streams: A self-adjusting approach

Intelligent Data Analysis - Ubiquitous Knowledge Discovery
Online outlier detection for data streams

Proceedings of the 15th Symposium on International Database Engineering & Applications
Estimating accuracy of mobile-masquerader detection using worst-case and best-case scenario

ICICS'06 Proceedings of the 8th international conference on Information and Communications Security
An efficient SVM-Based method to detect malicious attacks for web servers

APWeb'06 Proceedings of the 2006 international conference on Advanced Web and Network Technologies, and Applications
Network anomaly detection based on clustering of sequence patterns

ICCSA'06 Proceedings of the 2006 international conference on Computational Science and Its Applications - Volume Part II
Classification of hidden network streams

DaWaK'06 Proceedings of the 8th international conference on Data Warehousing and Knowledge Discovery
Intrusion detection via analysis and modelling of user commands

DaWaK'05 Proceedings of the 7th international conference on Data Warehousing and Knowledge Discovery
Using boosting learning method for intrusion detection

ADMA'05 Proceedings of the First international conference on Advanced Data Mining and Applications
OddBall: spotting anomalies in weighted graphs

PAKDD'10 Proceedings of the 14th Pacific-Asia conference on Advances in Knowledge Discovery and Data Mining - Volume Part II
Content-Based detection of terrorists browsing the web using an advanced terror detection system (ATDS)

ISI'05 Proceedings of the 2005 IEEE international conference on Intelligence and Security Informatics
ADWICE – anomaly detection with real-time incremental clustering

ICISC'04 Proceedings of the 7th international conference on Information Security and Cryptology
Effective next-items recommendation via personalized sequential pattern mining

DASFAA'12 Proceedings of the 17th international conference on Database Systems for Advanced Applications - Volume Part II
Fmeter: extracting indexable low-level system signatures by counting kernel function calls

Proceedings of the 13th International Middleware Conference
S2MP: similarity measure for sequential patterns

AusDM '08 Proceedings of the 7th Australasian Data Mining Conference - Volume 87
A methodological overview on anomaly detection

DataTraffic Monitoring and Analysis
Research issues in outlier detection for data streams

ACM SIGKDD Explorations Newsletter

Quantified Score

Hi-index	0.00

Visualization

Abstract

Security of computer systems is essential to their acceptance and utility. Computer security analysts use intrusion detection systems to assist them in maintaining computer system security. This paper deals with the problem of differentiating between masqueraders and the true user of a computer terminal. Prior efficient solutions are less suited to real time application, often requiring all training data to be labeled, and do not inherently provide an intuitive idea of what the data model means. Our system, called ADMIT, relaxes these constraints, by creating user profiles using semi-incremental techniques. It is a real-time intrusion detection system with host-based data collection and processing. Our method also suggests ideas for dealing with concept drift and affords a detection rate as high as 80.3% and a false positive rate as low as 15.3%.