An Application of Machine Learning to Anomaly Detection
作者: Terran Lane , Carla E Brodley
DOI:
关键词: Anomaly detection 、 Machine learning 、 Computer science 、 Current (mathematics) 、 Artificial intelligence 、 Similarity measure
摘要: The anomaly detection problem has been widely studied in the computer security literature. In this paper we present a machine learning approach to detection. Our system builds user profiles based on command sequences and compares current input profile using similarity measure. must learn classify behavior as consistent or anomalous with past only positive examples of account's valid user. empirical results demonstrate that is promising distinguishing legitamate from an intruder.
参考文章(5)
Carla E. Brodley, Terran Lane, Detecting the Abnormal: Machine Learning in Computer Security ,(1997)
Sandeep Kumar, Classification and detection of computer intrusions Purdue University. ,(1996)
S.E. Smaha, Haystack: an intrusion detection system annual computer security applications conference. pp. 37- 44 ,(1988) , 10.1109/ACSAC.1988.113412
L.T. Heberlein, G.V. Dias, K.N. Levitt, B. Mukherjee, J. Wood, D. Wolber, A network security monitor ieee symposium on security and privacy. pp. 296- 304 ,(1990) , 10.1109/RISP.1990.63859
Stephanie Forrest, Steven A. Hofmeyr, Anil Somayaji, Computer immunology Communications of The ACM. ,vol. 40, pp. 88- 96 ,(1997) , 10.1145/262793.262811