Proceedings Article

An Intrusion-Detection Model

TL;DR
A model of a real-time intrusion-detection expert system capable of detecting break-ins, penetrations, and other forms of computer abuse is described, based on the hypothesis that security violations can be detected by monitoring a system's audit records for abnormal patterns of system usage.
Abstract
A model of a real-time intrusion-detection expert system capable of detecting break-ins, penetrations, and other forms of computer abuse is described. The model is based on the hypothesis that security violations can be detected by monitoring a system's audit records for abnormal patterns of system usage. The model includes profiles for representing the behavior of subjects with respect to objects in terms of metrics and statistical models, and rules for acquiring knowledge about this behavior from audit records and for detecting anomalous behavior. The model is independent of any particular system, application environment, system vulnerability, or type of intrusion, thereby providing a framework for a general-purpose intrusion-detection expert system.


Citations
Proceedings Article

Intrusion detection system based on ant colony memory principle

TL;DR: Examples show that the algorithm is capable of realizing memorizing and forgetting processes and increasing the robustness and self-adaptability of IDS.

An anomaly-based intrusion detection system based on artificial immune system (AIS) techniques

TL;DR: This research implements a theoretical concept and achieves linear classification time for intrusion detection using techniques from the Artificial Immune Systems (AIS), and the results are compared with that of existing Intrusion Detection Systems.

Detecting Performance Anomalies in a Mobile Application with Unsupervised Machine Learning

Lukas Saari
TL;DR: Unsupervised anomaly detection algorithms are applied with the purpose of identifying performance regressions in a mobile application to evaluate the performance of these algorithms.
Proceedings Article

A Cooperative Deep Belief Network for Intrusion Detection

TL;DR: A specific attack multi-view division method was proposed to extract the significant features of specific attack and an adaptive coding mechanism based on multi-view encoding was described to denoise and compress the attack features.
Journal Article

Data Warehouse for Event Streams Violating Rules

TL;DR: It is discussed how a data warehouse can support situational awareness and data forensic needs for investigation of event streams violating rules.