Decision tree classifiers for computer intrusion detection
Real-time system security
Coordinated internet attacks: responding to attack complexity
Journal of Computer Security
DigSig: Runtime Authentication of Binaries at Kernel Level
LISA '04 Proceedings of the 18th USENIX conference on System administration
Decision tree classifier for network intrusion detection with GA-based feature selection
Proceedings of the 43rd annual Southeast regional conference - Volume 2
Guest Editorial: From intrusion detection to self-protection
Computer Networks: The International Journal of Computer and Telecommunications Networking
Biologically-inspired Complex Adaptive Systems approaches to Network Intrusion Detection
Information Security Tech. Report
Detecting worm variants using machine learning
CoNEXT '07 Proceedings of the 2007 ACM CoNEXT conference
Novel hardware-based approaches for intrusion detection
ICCOM'05 Proceedings of the 9th WSEAS International Conference on Communications
Review: The use of computational intelligence in intrusion detection systems: A review
Applied Soft Computing
TCM-KNN algorithm for supervised network intrusion detection
PAISI'07 Proceedings of the 2007 Pacific Asia conference on Intelligence and security informatics
Meta learning intrusion detection in real time network
ICANN'07 Proceedings of the 17th international conference on Artificial neural networks
802.11 de-authentication attack detection using genetic programming
EuroGP'06 Proceedings of the 9th European conference on Genetic Programming
CISC'05 Proceedings of the First SKLOIS conference on Information Security and Cryptology
A survey of anomaly intrusion detection techniques
Journal of Computing Sciences in Colleges
Event stream database based architecture to detect network intrusion: (industry article)
Proceedings of the 7th ACM international conference on Distributed event-based systems
| Hi-index | 0.00 |
Differentiating anomalous network activity from normal network traffic is difficult and tedious. A human analyst must search through vast amounts of data to find anomalous sequences of network connections. To support the analyst's job, we built an application which enhances domain knowledge with machine learning techniques to create rules for an intrusion detection expert system. We employ genetic algorithms and decision trees to automatically generate rules for classifying network connections. This paper describes the machine learning methodology and the applications employing this methodology.