Proceedings ArticleDOI
An Intrusion-Detection Model
Dorothy E. Denning
- pp 118-118
TLDR
A model of a real-time intrusion-detection expert system capable of detecting break-ins, penetrations, and other forms of computer abuse is described, based on the hypothesis that security violations can be detected by monitoring a system's audit records for abnormal patterns of system usage.
Abstract:
A model of a real-time intrusion-detection expert system capable of detecting break-ins, penetrations, and other forms of computer abuse is described. The model is based on the hypothesis that security violations can be detected by monitoring a system's audit records for abnormal patterns of system usage. The model includes profiles for representing the behavior of subjects with respect to objects in terms of metrics and statistical models, and rules for acquiring knowledge about this behavior from audit records and for detecting anomalous behavior. The model is independent of any particular system, application environment, system vulnerability, or type of intrusion, thereby providing a framework for a general-purpose intrusion-detection expert system.
Citations
Journal ArticleDOI
Incremental learning with partial instance memory
TL;DR: Empirical results showed that although the use of the partial-memory model did decrease predictive accuracy when compared to systems that learn from all available training data, it also decreased memory requirements, decreased learning time, and in some cases, decreased concept complexity.
Journal ArticleDOI
Data mining-based intrusion detectors
Su-Yun Wu, Ester Yen +1 more
TL;DR: Compared with other related works in data mining-based intrusion detectors, it is proposed to calculate the mean value via sampling different ratios of normal data for each measurement, which leads to a better accuracy rate for observation data in the real world.
Journal ArticleDOI
Securing the Smart Grid: A Comprehensive Compilation of Intrusion Detection and Prevention Systems
TL;DR: This paper examines the contribution of the IDPSs in the SG paradigm, providing an analysis of 37 cases and identifies the limitations and the shortcomings of the current IDPS systems, whereas appropriate recommendations are provided for future research efforts.
Journal ArticleDOI
Deep and Machine Learning Approaches for Anomaly-Based Intrusion Detection of Imbalanced Network Traffic
TL;DR: The proposed system was able to detect attacks with up to 99.99% accuracy when handling the imbalanced class distribution with fewer samples, making it more convenient in real-time data fusion problems that target data classification.
Journal ArticleDOI
An efficient intruder detection algorithm against sinkhole attacks in wireless sensor networks
TL;DR: A novel algorithm is presented that first finds a list of suspected nodes through checking data consistency, and then effectively identifies the intruder in the list through analyzing the network flow information, and is robust to deal with multiple malicious nodes that cooperatively hide the real intruder.