Proceedings ArticleDOI
An Intrusion-Detection Model
Dorothy E. Denning
- pp 118-118
Reads0
Chats0
TLDR
A model of a real-time intrusion-detection expert system capable of detecting break-ins, penetrations, and other forms of computer abuse is described, based on the hypothesis that security violations can be detected by monitoring a system's audit records for abnormal patterns of system usage.Abstract:
A model of a real-time intrusion-detection expert system capable of detecting break-ins, penetrations, and other forms of computer abuse is described. The model is based on the hypothesis that security violations can be detected by monitoring a system's audit records for abnormal patterns of system usage. The model includes profiles for representing the behavior of subjects with respect to objects in terms of metrics and statistical models, and rules for acquiring knowledge about this behavior from audit records and for detecting anomalous behavior. The model is independent of any particular system, application environment, system vulnerability, or type of intrusion, thereby providing a framework for a general-purpose intrusion-detection expert system.read more
Citations
More filters
Proceedings Article
Intrusion Detection with Neural Networks
TL;DR: A backpropagation neural network called NNID (Neural Network Intrusion Detector) was trained in the identification task and tested experimentally on a system of 10 users, suggesting that learning user profiles is an effective way for detecting intrusions.
Journal ArticleDOI
Anomaly-based intrusion detection system through feature selection analysis and building hybrid efficient model
TL;DR: A new hybrid model can be used to estimate the intrusion scope threshold degree based on the network transaction data’s optimal features that were made available for training and revealed that the hybrid approach had a significant effect on the minimisation of the computational and time complexity involved when determining the feature association impact scale.
Journal ArticleDOI
A tutorial overview of anomaly detection in hyperspectral images
TL;DR: This tutorial is focused on those techniques that aim to detect small man-made anomalies typically found in defense and surveillance applications, and places emphasis on the techniques that are either mathematically more tractable or easier to interpret physically.
Proceedings ArticleDOI
Identifying important features for intrusion detection using support vector machines and neural networks
TL;DR: This paper applies the technique of deleting one feature at a time to perform experiments on SVMs and neural networks to rank the importance of input features for the DARPA collected intrusion data and shows that SVM-based and neural network based IDSs using a reduced number of features can deliver enhanced or comparable performance.
Journal ArticleDOI
An introduction to intrusion detection
TL;DR: A computer system should provide confidentiality, integrity and assurance against denial of service, but due to increased connectivity, and the vast spectrum of financial possibilities that are opening up, more and more systems are subject to attack by intruders.