Proceedings Article

An Intrusion-Detection Model

TLDR
A model of a real-time intrusion-detection expert system capable of detecting break-ins, penetrations, and other forms of computer abuse is described, based on the hypothesis that security violations can be detected by monitoring a system's audit records for abnormal patterns of system usage.
Abstract
A model of a real-time intrusion-detection expert system capable of detecting break-ins, penetrations, and other forms of computer abuse is described. The model is based on the hypothesis that security violations can be detected by monitoring a system's audit records for abnormal patterns of system usage. The model includes profiles for representing the behavior of subjects with respect to objects in terms of metrics and statistical models, and rules for acquiring knowledge about this behavior from audit records and for detecting anomalous behavior. The model is independent of any particular system, application environment, system vulnerability, or type of intrusion, thereby providing a framework for a general-purpose intrusion-detection expert system.

Citations
Proceedings Article

Computer network intrusion detection using sequential LSTM Neural Networks autoencoders

TL;DR: This paper exploits the dimensionality reduction and feature extraction property of the autoencoder framework to efficiently carry out the reconstruction process and uses the LSTM networks to handle the sequential nature of the computer network data.

Integrated innate and adaptive artificial immune systems applied to process anomaly detection

TL;DR: This thesis shows how AISs which incorporate both innate and adaptive immune system mechanisms can be used to reduce the number of false alerts and improve the performance of current approaches.
Proceedings Article

An Imunogenetic Technique To Detect Anomalies In Network Traffic

TL;DR: An immunogenetic approach is described that can detect a wide variety of intrusive activities on networked computers; it is inspired by the negative selection mechanism of the immune system, which can detect foreign patterns in the complement (non-self) space.
Journal Article

On a pattern-oriented model for intrusion detection

TL;DR: A model that tracks both data and privilege flows within secure systems to detect context-dependent intrusions caused by operational security problems is presented and it is expected that this model will complement, not replace, statistical models for intrusion detection.
Proceedings Article

A comparative study of techniques for intrusion detection

TL;DR: SVMs outperform MARS and ANNs in three critical aspects of intrusion detection: accuracy, training time, and testing time; and, with appropriately chosen population size, program size, crossover rate and mutation rate, LGPs outperform other techniques in terms of detection accuracy at the expense of time.