Theoretical Foundation of Detection

Authors: Ali A. Ghorbani, Wei Lu, Mahbod Tavallaee

DOI: 10.1007/978-0-387-88771-5_4

Abstract: We have seen in previous chapters that both misuse detection and anomaly detection rely on statistical models of the two classes: normal and intrusion. Thus, in order to obtain these models, we can apply two approaches: manual definition and machine learning. Manual definition is usually used by signature-based detection, in which knowledge about the characteristics of known attacks is modeled manually. However, this approach is time-consuming and can only be performed by experienced experts, leading to high development and signature updating costs. Alternatively, machine learning can construct the required models automatically based on some given training data. A motivation for this approach is that the necessary training data is already available, or that it can at least be acquired more easily compared to the effort required to define the model manually. With the growing complexity and number of different attacks, machine learning techniques that allow building and maintaining an anomaly detection system (ADS) with less human intervention seem feasible for realizing the next generation of IDSs.

References (66)
Levent Ertöz, Aleksandar Lazarevic, Vipin Kumar, Jaideep Srivastava, Aysel Ozgur, A Comparative Study of Anomaly Detection Schemes in Network Intrusion Detection. SIAM International Conference on Data Mining, pp. 25-36 (2003)
James A. Mahaffey, James D. Cannady Jr., Brandon Craig Rhodes, Multiple Self-Organizing Maps for Intrusion Detection (2000)
Ben S. Wittner, John J. Hopfield, Sara A. Solla, Lawrence D. Jackel, John S. Denker, Daniel B. Schwartz, Richard E. Howard, Large Automatic Learning, Rule Extraction, and Generalization. Complex Systems, vol. 1 (1987)
Eugene H. Spafford, Mark Crosbie, Applying Genetic Programming to Intrusion Detection (1995)
Sushil Jajodia, Daniel Barbará, Ningning Wu, Detecting Novel Network Intrusions Using Bayes Estimators. SIAM International Conference on Data Mining (2001)