In today's interconnected world of computer networks, there exists a need to provide secure and safe transactions through the use of firewalls, Intrusion Detection Systems (IDSs), encryption, authentication, and other hardware and software solutions. Many IDS variants exist which allow security managers and engineers to identify attack network packets primarily through the use of signature detection; i.e., the IDS "recognizes" attack packets due to their well-known "fingerprints" or signatures as those packets cross the network's gateway threshold. On the other hand, anomaly-based ID systems determine what is normal traffic within a network and report abnormal traffic behavior. We report the findings of our research in the area of anomaly-based intrusion detection systems using data-mining techniques described in section 3.3 to create a decision tree model of our network using the 1999 DARPA Intrusion Detection Evaluation data set. After the model was created, we gathered more data from our local campus network and ran the new data through the model.