A study in using neural networks for anomaly and misuse detection
作者: Aaron Schwartzbard , Anup K. Ghosh
DOI:
关键词:
摘要: Current intrusion detection systems lack the ability to generalize from previously observed attacks detect even slight variations of known attacks. This paper describes new process-based approaches that provide behavior recognize future unseen behavior. The approach employs artificial neural networks (ANNs), and can be used for both anomaly in order novel misuse These techniques were applied a large corpus data collected by Lincoln Labs at MIT an system evaluation sponsored U.S. Defense Advanced Research Projects Agency (DARPA). Results applying these against DARPA are presented.
acm.org 参考文章(18)
Terran Lane, Carla E Brodley, An Application of Machine Learning to Anomaly Detection ,(1999)
Philip K. Chan, Wenke Lee, Saivatore J. Stolfo, Learning Patterns from Unix Process Execution Traces for Intrusion Detection ,(1997) , 10.7916/D8B56RF2
Aaron Schwartzbard, Michael Schatz, Anup K. Ghosh, Learning program behavior profiles for intrusion detection ID'99 Proceedings of the 1st conference on Workshop on Intrusion Detection and Network Monitoring - Volume 1. pp. 6- 6 ,(1999)
James Cannady, Artificial Neural Networks for Misuse Detection ,(1998)
William W. Cohen, Fast Effective Rule Induction Machine Learning Proceedings 1995. pp. 115- 123 ,(1995) , 10.1016/B978-1-55860-377-6.50023-2
D. Endler, Intrusion detection. Applying machine learning to Solaris audit data annual computer security applications conference. pp. 268- 279 ,(1998) , 10.1109/CSAC.1998.738647
Teresa F. Lunt, A survey of intrusion detection techniques Computers & Security. ,vol. 12, pp. 405- 418 ,(1993) , 10.1016/0167-4048(93)90029-5
Fabian Monrose, Aviel Rubin, Authentication via keystroke dynamics computer and communications security. pp. 48- 56 ,(1997) , 10.1145/266420.266434
Eugene H. Spafford, Sandeep Kumar, A PATTERN MATCHING MODEL FOR MISUSE INTRUSION DETECTION ,(1994)
K. Ilgun, R.A. Kemmerer, P.A. Porras, State transition analysis: a rule-based intrusion detection approach IEEE Transactions on Software Engineering. ,vol. 21, pp. 181- 199 ,(1995) , 10.1109/32.372146