Mining in a data-flow environment: experience in network intrusion detection

Authors: Wenke Lee, Salvatore J. Stolfo, Kui W. Mok

DOI: 10.1145/312129.312212

Keywords: Process (engineering), Exploit, Data flow diagram, Intrusion detection system, Construct (python library), Anomaly-based intrusion detection system, Artificial intelligence, Machine learning, Data mining, Network intrusion detection, Computer science

Abstract: We discuss the KDD process in "data-flow" environments, where unstructured and time-dependent data can be processed into various levels of structured, semantically-rich forms for analysis tasks. Using network intrusion detection as a concrete application example, we describe how to construct models that are both accurate in describing the underlying concepts and efficient when used to analyze data in real time. We present procedures for analyzing frequent patterns from lower-level data and constructing appropriate features to formulate higher-level data. The features generated from the various levels of data have different computational costs (in time and space). We show that, in order to minimize the time required to use the classification models in a real-time environment, we can exploit the "necessary conditions" associated with the low-cost features to determine whether some high-cost features need to be computed and the corresponding rules need to be checked. We have applied our tools to the problem of building network intrusion detection models. We report our experiments using the network data provided as part of the 1998 DARPA Intrusion Detection Evaluation program. We also discuss our experience in using the mined models in NFR, a real-time network intrusion detection system.
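The cost-gating idea in the abstract is easy to miss in prose: a rule's conditions on cheap per-connection fields (service, TCP flag) are necessary conditions for the rule to fire, so if any of them fails the expensive temporal features (counts and error rates over a window of recent connections) never have to be computed for that rule. The following illustration is an added example, not the authors' code or the NFR integration described in the paper. The rules, thresholds, window size, flag values (SF, S0, REJ, in the style of tcpdump-derived connection records) and the connection records are all constructed for the demonstration.

```python
from collections import deque
from dataclasses import dataclass
from typing import Callable, Dict, List, Tuple

# Hypothetical rule: `low_conds` are equality tests on cheap per-connection
# fields (the rule's "necessary conditions"); `high_conds` are predicates on
# temporal features that are only worth computing once the cheap tests pass.
@dataclass
class Rule:
    name: str
    label: str
    low_conds: Dict[str, object]
    high_conds: Dict[str, Callable[[float], bool]]


class GatedClassifier:
    def __init__(self, rules: List[Rule], window: int = 10):
        self.rules = rules
        self.window = deque(maxlen=window)   # recent connections, oldest first
        self.high_cost_evaluations = 0       # how often the expensive step ran

    def _high_features(self, rec: dict) -> Dict[str, float]:
        """Temporal features over the recent window (the expensive step):
        number of earlier connections to the same host and the fraction of
        those that got no reply to their SYN (flag S0)."""
        self.high_cost_evaluations += 1
        same_host = [r for r in self.window if r["dst_host"] == rec["dst_host"]]
        count = len(same_host)
        serror = sum(1 for r in same_host if r["flag"] == "S0") / count if count else 0.0
        return {"count": count, "serror_rate": serror}

    def classify(self, rec: dict) -> str:
        label = "normal"
        high = None
        for rule in self.rules:
            # Necessary conditions first: any failure means the rule cannot
            # fire, so skip it without touching the expensive features.
            if any(rec.get(k) != v for k, v in rule.low_conds.items()):
                continue
            if high is None:                 # compute at most once per record
                high = self._high_features(rec)
            if all(pred(high[k]) for k, pred in rule.high_conds.items()):
                label = rule.label
                break
        self.window.append(rec)
        return label


# Constructed rules: a SYN flood needs flag S0 before the window stats matter;
# a probe needs a rejected connection (REJ) before the repeat count matters.
RULES = [
    Rule("syn_flood", "syn_flood", {"flag": "S0"},
         {"count": lambda c: c >= 5, "serror_rate": lambda r: r >= 0.8}),
    Rule("probe", "probe", {"flag": "REJ"},
         {"count": lambda c: c >= 2}),
]

# Constructed connection records: 8 normal, 3 repeated rejects to one host,
# then 8 half-open connections to a single host.
SAMPLE_RECORDS = (
    [{"dst_host": f"10.0.0.{i % 3 + 1}", "service": "http", "flag": "SF"} for i in range(8)]
    + [{"dst_host": "10.0.0.9", "service": "telnet", "flag": "REJ"} for _ in range(3)]
    + [{"dst_host": "10.0.0.5", "service": "http", "flag": "S0"} for _ in range(8)]
)


def run_demo(records: List[dict] = SAMPLE_RECORDS) -> Tuple[List[str], int]:
    """Classify every record; return the labels and the number of times the
    expensive temporal features actually had to be computed."""
    clf = GatedClassifier(RULES, window=10)
    labels = [clf.classify(r) for r in records]
    return labels, clf.high_cost_evaluations


if __name__ == "__main__":
    labels, evals = run_demo()
    for rec, lab in zip(SAMPLE_RECORDS, labels):
        print(f"{rec['dst_host']:10} {rec['flag']:4} -> {lab}")
    print(f"high-cost feature computations: {evals} of {len(labels)} records")
```

On the constructed input the 8 normal connections never trigger the expensive step at all, so only 11 of the 19 records pay for the window statistics; the flood is flagged from its sixth half-open connection onward and the third repeated reject is labelled a probe. The gating is sound only because every high-cost rule also carries a low-cost necessary condition; a rule with an empty `low_conds` forces the expensive computation on every record.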

References (12)
Heikki Mannila, A. Inkeri Verkamo, Hannu Toivonen. Discovering Frequent Episodes in Sequences. Knowledge Discovery and Data Mining, pp. 210-215 (1995).
Salvatore J. Stolfo, Philip K. Chan. Toward parallel and distributed learning by meta-learning. AAAIWS'93: Proceedings of the 2nd International Conference on Knowledge Discovery in Databases, pp. 227-240 (1993).
Tom Fawcett, Foster Provost. Adaptive Fraud Detection. Data Mining and Knowledge Discovery, vol. 1, pp. 291-316 (1997). doi:10.1023/A:1009700419189
William W. Cohen. Fast Effective Rule Induction. Machine Learning Proceedings 1995, pp. 115-123 (1995). doi:10.1016/B978-1-55860-377-6.50023-2
Wenke Lee, S. J. Stolfo, K. W. Mok. A data mining framework for building intrusion detection models. IEEE Symposium on Security and Privacy, pp. 120-132 (1999). doi:10.1109/SECPRI.1999.766909
Usama Fayyad, Gregory Piatetsky-Shapiro, Padhraic Smyth. The KDD process for extracting useful knowledge from volumes of data. Communications of the ACM, vol. 39, pp. 27-34 (1996). doi:10.1145/240455.240464
Roger M. Needham. Denial of service: an example. Communications of the ACM, vol. 37, pp. 42-46 (1994). doi:10.1145/188280.188294
P. D. Turney. Cost-sensitive classification: empirical evaluation of a hybrid genetic decision tree induction algorithm. Journal of Artificial Intelligence Research, vol. 2, pp. 369-409 (1994). doi:10.1613/JAIR.120
Kui W. Mok, Salvatore J. Stolfo, Wenke Lee. Mining audit data to build intrusion detection models. Knowledge Discovery and Data Mining, pp. 66-72 (1998). doi:10.7916/D8FX7H6X
Heikki Mannila, Hannu Toivonen, A. Inkeri Verkamo. Discovery of Frequent Episodes in Event Sequences. Data Mining and Knowledge Discovery, vol. 1, pp. 259-289 (1997). doi:10.1023/A:1009748302351