Data Modeling and Data Warehousing Techniques to Improve Intrusion Detection

Author: Anoop Singhal

DOI: 10.1007/978-0-387-47653-7_5

Keywords:

Abstract: This chapter describes data mining and data warehousing techniques that can improve the performance and usability of Intrusion Detection Systems (IDS). Current IDS do not provide support for historical analysis and summarization. The chapter presents techniques to model network traffic and alerts using multi-dimensional star schemas. This model was used to perform security analysis and detect denial of service attacks. Our approach can also handle heterogeneous data sources (e.g. firewall logs, system calls, net-flow data) and enables up to two orders of magnitude faster query response times for analysts as compared to the current state of the art. We have used our techniques to implement a prototype that is being used successfully at Army Research Labs. It has helped analysts in detecting intrusions and generating reports on trend analysis.
