Proceedings Article
An Intrusion-Detection Model
Dorothy E. Denning
- pp 118-118
TLDR
A model of a real-time intrusion-detection expert system capable of detecting break-ins, penetrations, and other forms of computer abuse is described, based on the hypothesis that security violations can be detected by monitoring a system's audit records for abnormal patterns of system usage.
Abstract:
A model of a real-time intrusion-detection expert system capable of detecting break-ins, penetrations, and other forms of computer abuse is described. The model is based on the hypothesis that security violations can be detected by monitoring a system's audit records for abnormal patterns of system usage. The model includes profiles for representing the behavior of subjects with respect to objects in terms of metrics and statistical models, and rules for acquiring knowledge about this behavior from audit records and for detecting anomalous behavior. The model is independent of any particular system, application environment, system vulnerability, or type of intrusion, thereby providing a framework for a general-purpose intrusion-detection expert system.
Citations
Proceedings Article
An anomaly detection system using a GHSOM-1
TL;DR: The proposed neural network reduces the number of parameters that a user must define prior to training to a single parameter, which allows the network to perform more autonomously while maintaining good performance that is less dependent on the user's experience with the application domain.
Journal Article
Network size, deterrence effects, and internet attack incident growth
Kallol Bagchi, Zaiyong Tang
TL;DR: The hypothesis that rapid growth of network attack incidents is at least partly explainable by the exponential increase in network size is tested, and the results show the impact of network size on the number of security attacks.
Location tracking mitigation for honest nodes and location estimation of uncooperative devices in wireless mobile networks
TL;DR: A threat analysis into the risks to vehicular networks is conducted and the results are compared with known threats to wireless access technology in order to assess the security of mobile networks in general.
Book Chapter
Comparative Evaluation of Machine Learning Algorithms for Network Intrusion Detection Using Weka
Nureni Ayofe Azeez, Obinna Justin Asuzu, Sanjay Misra, Adewole Adewumi, Ravin Ahuja, Rytis Maskeliunas
TL;DR: This work reviews and analyzes the performance of three of the most commonly used machine learning algorithms in network intrusion detection (Naive Bayes, decision tree, and random forest), trained and tested on the KDD CUP 1999 dataset using a big data and machine learning tool called Weka.
Book Chapter
MINDS: Architecture & Design
TL;DR: The analysis shows that the intrusions detected by MINDS are complementary to those of traditional signature-based systems, such as SNORT, which implies that the two can be combined to increase overall attack coverage.