Time series: theory and methods
Time series: theory and methods
IEEE Transactions on Software Engineering - Special issue on computer security and privacy
Extensions to the CART algorithm
International Journal of Man-Machine Studies
Communications of the ACM
Intrusion detection: network security beyond the firewall
Intrusion detection: network security beyond the firewall
Towards a taxonomy of intrusion-detection systems
Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on computer network security
Intrusion detection
Recent advances in intrusion detection systems
Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on recent advances in intrusion detection systems
The 1999 DARPA off-line intrusion detection evaluation
Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on recent advances in intrusion detection systems
Machine Learning
Experience with EMERALD to Date
Proceedings of the Workshop on Intrusion Detection and Network Monitoring
Intrusion Detection Applying Machine Learning to Solaris Audit Data
ACSAC '98 Proceedings of the 14th Annual Computer Security Applications Conference
An Application of Machine Learning to Network Intrusion Detection
ACSAC '99 Proceedings of the 15th Annual Computer Security Applications Conference
STAT -- A State Transition Analysis Tool For Intrusion Detection
STAT -- A State Transition Analysis Tool For Intrusion Detection
An adaptive automatically tuning intrusion detection system
ACM Transactions on Autonomous and Adaptive Systems (TAAS)
Hi-index | 0.00 |
Intrusion detection is required to protect the security of computer network systems by detecting intrusive activities occurring in computer network systems. In this paper, we present decision tree techniques that are used to automatically learn intrusion signatures and classify activities in computer network systems as normal or intrusive for intrusion detection. We show the design of decision tree classifiers for intrusion detection, using different features of raw activity data in computer network systems and different sizes of observation windows. The performance of decision tree classifiers is discussed. We also present the impact of noises in data on the detection performance of the decision tree classifiers. Computer audit data from the Basic Security Module of the Solaris operating system are used to train and test the decision tree classifiers.