Affiliation:
1. Georgia Institute of Technology, Atlanta, GA
Abstract
Intrusion detection is an essential component of the layered computer security mechanisms. It requires accurate and efficient models for analyzing a large amount of system and network audit data. This paper is an overview of our research in applying data mining techniques to build intrusion detection models. We describe a framework for mining patterns from system and network audit data, and constructing features according to analysis of intrusion patterns. We discuss approaches for improving the run-time efficiency as well as the credibility of detection models. We report the ideas, algorithms, and prototype systems we have developed, and discuss open research problems.
Publisher
Association for Computing Machinery (ACM)
Cited by
11 articles.
1. Application of Association Rule Mining in Preventing Cyberattacks;Bulletin of the Polytechnic Institute of Iași. Electrical Engineering, Power Engineering, Electronics Section;2021-12-01
2. Experimental Cyber Attack Detection Framework;Electronics;2021-07-14
3. Anomaly Detection Algorithm Based on Cluster of Entropy;Computer Supported Cooperative Work and Social Computing;2018-12-11
4. Network malware classification comparison using DPI and flow packet headers;Journal of Computer Virology and Hacking Techniques;2015-07-29
5. Research on Network Intrusion Detection Based on Data Mining Technology;Applied Mechanics and Materials;2015-01