Volume 34, Issue 1, 2004, Pages 357-373

A Formal Framework for Positive and Negative Detection Schemes

Author keywords

Anomaly detection; Artificial immune systems; Intrusion detection; Negative detection

Indexed keywords

COMPUTATIONAL METHODS; DATABASE SYSTEMS; DETECTORS; GENETIC ALGORITHMS; IMMUNOLOGY; MATRIX ALGEBRA; PATTERN MATCHING; PROBLEM SOLVING; SET THEORY; STATISTICAL METHODS;

EID: 0742324903     PISSN: 10834419     EISSN: None     Source Type: Journal    
DOI: 10.1109/TSMCB.2003.817026     Document Type: Article
Times cited : (149)

References (69)
  • 5
    • 0032313923
    • Intrusion detection using sequences of system calls
    • S. Hofmeyr, A. Somayaji, and S. Forrest, "Intrusion detection using sequences of system calls," J. Comput. Security, vol. 6, pp. 151-180, 1998.
    • (1998) J. Comput. Security , vol.6 , pp. 151-180
    • Hofmeyr, S.1    Somayaji, A.2    Forrest, S.3
  • 7
    • 0002320533
    • Immunity by design: An artificial immune system
    • San Francisco, CA
    • S. Hofmeyr and S. Forrest, "Immunity by design: an artificial immune system," in Proc. Genetic Evolutionary Computation Conf., San Francisco, CA, 1999, pp. 1289-1296.
    • (1999) Proc. Genetic Evolutionary Computation Conf. , pp. 1289-1296
    • Hofmeyr, S.1    Forrest, S.2
  • 8
    • 0034546374
    • Architecture for an artificial immune system
    • _, "Architecture for an artificial immune system," Evol. Comput. J., vol. 8, no. 4, pp. 443-473, 2000.
    • (2000) Evol. Comput. J. , vol.8 , Issue.4 , pp. 443-473
  • 16
    • 0038458266
    • An evaluation of negative selection in an artificial immune system for network intrusion detection
    • San Francisco, CA
    • J. Kim and P. J. Bentley, "An evaluation of negative selection in an artificial immune system for network intrusion detection," in Proc. Genetic Evolutionary Computation Conf., San Francisco, CA, 2001, pp. 1330-1337.
    • (2001) Proc. Genetic Evolutionary Computation Conf. , pp. 1330-1337
    • Kim, J.1    Bentley, P.J.2
  • 17
    • 84868256861
    • Generating optimal repertoire of antibody strings in an artificial immune system
    • M. A. Klopotek and M. Michalewicz, Eds. Heidelberg, Germany, New York: Physica-Verlag
    • S. T. Wierzchon, "Generating optimal repertoire of antibody strings in an artificial immune system," in Intelligent Information Systems, M. A. Klopotek and M. Michalewicz, Eds. Heidelberg, Germany, New York: Physica-Verlag, 2000, pp. 119-133.
    • (2000) Intelligent Information Systems , pp. 119-133
    • Wierzchon, S.T.1
  • 18
    • 0742300833
    • Discriminative power of the receptors activated by k-contiguous bits rule
    • _, "Discriminative power of the receptors activated by k-contiguous bits rule," J. Comput. Sci. Technol., vol. 1, no. 3, pp. 1-13, 2000.
    • (2000) J. Comput. Sci. Technol. , vol.1 , Issue.3 , pp. 1-13
  • 19
    • 0742282973
    • Deriving concise description of nonself patterns in an artificial immune system
    • Heidelberg, Germany, New York: Physica-Verlag
    • _, "Deriving concise description of nonself patterns in an artificial immune system," in New Learning Paradigm in Soft Computing, S. T. Wierzchon, L. C. Jain, and J. Kacprzyk, Eds. Heidelberg, Germany, New York: Physica-Verlag, 2001, pp. 438-458.
    • (2001) New Learning Paradigm in Soft Computing , pp. 438-458
    • Wierzchon, S.T.1    Jain, L.C.2    Kacprzyk, J.3
  • 22
    • 0009950263
    • A distributed architecture for a self-adaptive computer virus immune system
    • London, U.K.: McGraw-Hill, Advanced Topics in Computer Science Series
    • G. B. Lamont, R. E. Marmelstein, and D. A. Van Veldhuizen, "A distributed architecture for a self-adaptive computer virus immune system," in New Ideas in Optimization. London, U.K.: McGraw-Hill, 1999, Advanced Topics in Computer Science Series, pp. 167-183.
    • (1999) New Ideas in Optimization , pp. 167-183
    • Lamont, G.B.1    Marmelstein, R.E.2    Van Veldhuizen, D.A.3
  • 24
    • 0034593307
    • Characterizing the behavior of a program using multiple-length N-grams
    • Cork, Ireland
    • C. Marceau, "Characterizing the behavior of a program using multiple-length N-grams," in Proc. New Security Paradigms Workshop, Cork, Ireland, 2000.
    • (2000) Proc. New Security Paradigms Workshop
    • Marceau, C.1
  • 27
    • 0023453626
    • Learning regular sets from queries and counterexamples
    • D. Angluin, "Learning regular sets from queries and counterexamples," Inform. Comput., vol. 75, pp. 87-106, 1987.
    • (1987) Inform. Comput. , vol.75 , pp. 87-106
    • Angluin, D.1
  • 29
    • 0003993827
    • [Online]
    • Lincoln Laboratories. (1999) DARPA Intrusion Detection Evaluation. [Online] http://www.ll.mit.edu/IST/ideval/index.html
    • (1999) DARPA Intrusion Detection Evaluation
  • 30
    • 84952879125
    • The architecture for a hardware immune system
    • D. Keymeulen, A. Stoica, J. Lohn, and R. S. Zebulum, Eds. Long Beach, CA: IEEE Computer Society Press, July 12-14
    • D. W. Bradley and A. M. Tyrrell, "The architecture for a hardware immune system," in The Third NASA/DoD Workshop on Evolvable Hardware, D. Keymeulen, A. Stoica, J. Lohn, and R. S. Zebulum, Eds. Long Beach, CA: IEEE Computer Society Press, July 12-14, 2001, pp. 193-200.
    • (2001) The Third NASA/DoD Workshop on Evolvable Hardware , pp. 193-200
    • Bradley, D.W.1    Tyrrell, A.M.2
  • 31
    • 21244450732
    • A hardware immune system for benchmark state machine error detection
    • Honolulu, HI, May
    • _, "A hardware immune system for benchmark state machine error detection," in Proc. Congr. Evolutionary Computation, Honolulu, HI, May 2002.
    • (2002) Proc. Congr. Evolutionary Computation
  • 32
    • 0036613002
    • Immunotronics: Novel finite state machine architectures with built in Self test using Self-Nonself differentiation
    • June
    • _, "Immunotronics: Novel finite state machine architectures with built in Self test using Self-Nonself differentiation," IEEE Trans. Evol. Comput., vol. 6, pp. 227-238, June 2002.
    • (2002) IEEE Trans. Evol. Comput. , vol.6 , pp. 227-238
  • 33
    • 0036613083
    • An immunity-based technique to characterize intrusions in computer networks
    • June
    • D. Dasgupta and F. Gonzalez, "An immunity-based technique to characterize intrusions in computer networks," IEEE Trans. Evol. Comput., vol. 6, June 2002.
    • (2002) IEEE Trans. Evol. Comput. , vol.6
    • Dasgupta, D.1    Gonzalez, F.2
  • 34
    • 0742283593
    • Artificial immune systems approach to a real time color image classification problem
    • S. Sathyanath and F. Sahin, "Artificial immune systems approach to a real time color image classification problem," in Proc. IEEE Int. Conf. Syst., Man, Cybern., 2001.
    • (2001) Proc. IEEE Int. Conf. Syst., Man, Cybern.
    • Sathyanath, S.1    Sahin, F.2
  • 35
    • 0442296745
    • Statistical anomaly detection via HTTPD data analysis
    • to be published
    • D. Q. Naiman, "Statistical anomaly detection via HTTPD data analysis," Comput. Statist. Data Anal., to be published.
    • Comput. Statist. Data Anal.
    • Naiman, D.Q.1
  • 36
    • 84880858814
    • "Why 6?" Defining the operational limits of stide, an anomaly-based intrusion detector
    • Oakland, CA: IEEE Press
    • K. Tan and R. Maxion, ""Why 6?" Defining the operational limits of stide, an anomaly-based intrusion detector," in Proc. IEEE Symp. Security Privacy. Oakland, CA: IEEE Press, 2002.
    • (2002) Proc. IEEE Symp. Security Privacy
    • Tan, K.1    Maxion, R.2
  • 37
    • 0023663430
    • T-cell tolerance by clonal elimination in the thymus
    • Apr. 24
    • J. W. Kappler, N. Roehm, and P. Marrack, "T-cell tolerance by clonal elimination in the thymus," Cell, vol. 49, pp. 273-280, Apr. 24, 1987.
    • (1987) Cell , vol.49 , pp. 273-280
    • Kappler, J.W.1    Roehm, N.2    Marrack, P.3
  • 38
    • 0027532161
    • Predicting the size of the antibody combining region from consideration of efficient self/nonself discrimination
    • J. K. Percus, O. Percus, and A. S. Perelson, "Predicting the size of the antibody combining region from consideration of efficient self/nonself discrimination," in Proc. Nat. Acad. Sci., vol. 90, 1993, pp. 1691-1695.
    • (1993) Proc. Nat. Acad. Sci. , vol.90 , pp. 1691-1695
    • Percus, J.K.1    Percus, O.2    Perelson, A.S.3
  • 41
    • 0023294428
    • An intrusion-detection model
    • Feb.
    • D. E. Denning, "An intrusion-detection model," IEEE Trans. Softw. Eng., vol. SE-2, p. 222, Feb. 1987.
    • (1987) IEEE Trans. Softw. Eng. , vol.SE-2 , pp. 222
    • Denning, D.E.1
  • 42
    • 0024984441
    • Adaptive real-time anomaly detection using inductively generated sequential patterns
    • Los Alamitos, CA
    • H. Teng, K. Chen, and S. Lu, "Adaptive real-time anomaly detection using inductively generated sequential patterns," in Proc. IEEE Symp. Research Computer Security Privacy, Los Alamitos, CA, 1990.
    • (1990) Proc. IEEE Symp. Research Computer Security Privacy
    • Teng, H.1    Chen, K.2    Lu, S.3
  • 46
    • 0742283589
    • [Online]
    • M. Roesch. SNORT. [Online] http://www.snort.org/
    • SNORT
    • Roesch, M.1
  • 47
    • 0028911698
    • Gauging similarity with n-grams: Language-independent categorization of text
    • M. Damashek, "Gauging similarity with n-grams: Language-independent categorization of text," Science, vol. 267, pp. 843-848, 1995.
    • (1995) Science , vol.267 , pp. 843-848
    • Damashek, M.1
  • 50
    • 0009900351
    • Anomaly detection over noisy data using learned probability distributions
    • San Francisco, CA
    • E. Eskin, "Anomaly detection over noisy data using learned probability distributions," in Proc. 17th Int. Conf. Machine Learning, San Francisco, CA, 2000, pp. 255-262.
    • (2000) Proc. 17th Int. Conf. Machine Learning , pp. 255-262
    • Eskin, E.1
  • 51
    • 0343442766
    • Knowledge acquisition via incremental conceptual clustering
    • D. H. Fisher, "Knowledge acquisition via incremental conceptual clustering," Machine Learning, vol. 2, no. 2, pp. 139-172, 1987.
    • (1987) Machine Learning , vol.2 , Issue.2 , pp. 139-172
    • Fisher, D.H.1
  • 54
    • 0000783818
    • Conceptual clustering, categorization, and polymorphy
    • S. J. Hanson and M. Bauer, "Conceptual clustering, categorization, and polymorphy," Machine Learning, vol. 3, no. 4, pp. 343-372, 1989.
    • (1989) Machine Learning , vol.3 , Issue.4 , pp. 343-372
    • Hanson, S.J.1    Bauer, M.2
  • 55
    • 0027668428
    • Statistical foundations of audit trail analysis for the detection of computer misuse
    • Sept.
    • P. Helman and G. Liepins, "Statistical foundations of audit trail analysis for the detection of computer misuse," IEEE Trans. Softw. Eng., vol. 19, pp. 886-901, Sept. 1993.
    • (1993) IEEE Trans. Softw. Eng. , vol.19 , pp. 886-901
    • Helman, P.1    Liepins, G.2
  • 56
    • 0031192274
    • A statistically based system for prioritizing information exploration under uncertainty
    • July
    • P. Helman and J. Bhangoo, "A statistically based system for prioritizing information exploration under uncertainty," IEEE Trans. Syst., Man, Cybern., vol. 27, pp. 449-466, July 1997.
    • (1997) IEEE Trans. Syst., Man, Cybern. , vol.27 , pp. 449-466
    • Helman, P.1    Bhangoo, J.2
  • 57
    • 0032155724
    • Prioritizing information for the discovery of phenomena
    • Sept/Oct.
    • P. Helman and R. Gore, "Prioritizing information for the discovery of phenomena," J. Intell. Inform. Syst., vol. 11, no. 2, pp. 99-138, Sept/Oct. 1998.
    • (1998) J. Intell. Inform. Syst. , vol.11 , Issue.2 , pp. 99-138
    • Helman, P.1    Gore, R.2
  • 61
    • 85170286889
    • A unified approach for mining: Properties and computation
    • E. Knorr and R. Ng, "A unified approach for mining: Properties and computation," in Proc. 3rd Knowledge Discovery Data Mining, 1997, pp. 219-222.
    • (1997) Proc. 3rd Knowledge Discovery Data Mining , pp. 219-222
    • Knorr, E.1    Ng, R.2
  • 62
    • 0002948319
    • Algorithms for mining distance based outliers in large databases
    • _, "Algorithms for mining distance based outliers in large databases," in Proc. 24th VLDB, 1998, pp. 392-403.
    • (1998) Proc. 24th VLDB , pp. 392-403
  • 64
    • 0003136237
    • Efficient and effective clustering methods for spatial data mining
    • R. Ng and J. Han, "Efficient and effective clustering methods for spatial data mining," in Proc. 20th VLDB, 1994, pp. 144-155.
    • (1994) Proc. 20th VLDB , pp. 144-155
    • Ng, R.1    Han, J.2
  • 69
    • 0742283590
    • Characterizing the behavior of a program using multiple-length n-grams
    • [Online]
    • C. Carla Marceau. Characterizing the behavior of a program using multiple-length n-grams. presented at Proc. New Security Paradigm Workshop. [Online] ftp://ftp.oracorp.com/documents/MultiLengthStrings.pdf
    • Proc. New Security Paradigm Workshop
    • Marceau, C.C.1


* This information was analyzed and extracted by KISTI from Elsevier's SCOPUS DB.