A new two-tiered strategy to intrusion detection

Information Management and Computer Security

Volumn 12, Issue 1, 2004, Pages 27-44

  Sodiya, A S ^a   Longe, H O D ^a   Akinwale, A T ^a  

^a FEDERAL UNIVERSITY OF AGRICULTURE   (Nigeria)

Author keywords

Computers; Data analysis; Data security; Systems analysis

Indexed keywords

COMPUTER CRIME; COMPUTER SYSTEM FIREWALLS; CRYPTOGRAPHY; DATA MINING; DATA REDUCTION; EXPERT SYSTEMS; SYSTEMS ANALYSIS;

AUTHENTICATION; DATA DRIVEN ATTACKS; INTRUSION DETECTION SYSTEMS; SYSTEM AUDITING;

SECURITY OF DATA;

EID: 1642363231     PISSN: 09685227     EISSN: None     Source Type: Journal    
DOI: 10.1108/09685220410518810     Document Type: Article

References (28)

1. Anderson, D., Frivold, T., Tamaru, A. and Valdes, A. (1994), NIDES: Software Users Manual: Beta-Update Release, SRI International, December, available at: www.sdl.sri.com/papers/7sri/
2. Banks, J., Carson, J.S. and Nelson, B.L. (1996), Discrete-Event System Simulation, Prentice-Hall, Englewood Cliffs, NJ.
3. Bass, T. (2000), "Intrusion detection systems and multisensor data fusion", Communications of the ACM, Vol. 43 No. 4, pp. 99-105.
4. Daniels, T. and Spafford, E. (2000), "A network audit system for host-based intrusion detection (NASHID) in linux", Proceedings of the Annual Computer Security Applications Conference, New Orleans, LA, December.
5. Debar, H., Dacier, M., Wespi, A. and Lampart, S. (1998), An Experimentation Workbench for Intrusion Detection Systems, Technical Report RZ2998, IBM Research Division, Zurich Research Laboratory, Zurich, March.
6. Denning, D.E. and Neumann, P.G. (1985), Requirements and Model for IDES - a Real-time Intrusion Detection Expert System, Technical report, Computer Science Laboratory, SRI International, Menlo Park, CA.
7. Durst, R., Champion, T., Witten, B., Miller, E. and Spagnuolo, L. (1999), "Testing and evaluating computer intrusion detection systems", Communications of the ACM, Vol. 42, No. 7, pp. 53-61.
8. Fawcett, T. and Provost, F. (1996), "Combining data mining and machine learning for effective user profiling", Proceedings of the 2nd International Conference on Knowledge Discovery and Data Mining (KDD-96), pp. 8-13.
9. Forrest, S., Hofmeyr, S.A., Somayaji, A. and Longstaff, T. A. (1996), "A sense of self for Unix processes", Proceedings of the 1996 IEEE Symposium on Research in Security and Privacy, IEEE Computer Society Press, Los Alamitos, CA, pp. 120-8.
10. Hedbom, H., Kvarnstrom, H. and Jonsson, E. (1999), "Security implications of distributed intrusion detection architectures", Proceedings of the 4th Nordic Workshop on Secure IT Systems (NordSec99), Stockholm, November.
11. Holshemier, M. and Siebes, A. (1996), "Analogy with data mining process", Proceedings of the Conference on Knowledge Discovery in Databases.
12. Ilgun, K. (1993), "USTAT: a real-time intrusion detection system for UNIX", Proceedings of the 1993 IEEE Symposium on Research in Security and Privacy, pp. 16-28.
13. Kumar, S. and Spafford, E.H. (1994), "A pattern matching model for misuse intrusion detection", Proceedings of the 17th National Computer Security Conference, pp. 11-21.
14. Lane, T. and Brodley, C.E. (1998), "Temporal sequence learning and data reduction for anomaly detection", Proceedings of the 5th Conference on Computer & Communications Security, San Francisco, CA, November 2-5, ACM Special Interest Group, pp. 150-8.
15. Law, A.M. and Kelton, W.D. (1999), Simulation Modeling and Analysis, McGraw-Hill, New York, NY.
16. Lee, W. and Stolfo, S.J. (1998), "Data mining approaches for intrusion detection", Proceedings of the 1998 USENIX Security Symposium.
17. Lee, W., Stolfo, S.J. and Mok, K.W. (1999), "A data mining framework for building intrusion detection models", Proceedings of the 1999 IEEE Symposium on Security and Privacy, Oakland, CA, May 9-12, IEEE Computer Society Press, Los Alamos, CA, pp. 120-32.
18. Lee, W., Stolfo, S.J. and Mok, K.W. (2000), "Algorithm for mining audit data", in Lin, T.Y. (Ed.), Granular Computing and Data Mining, Springer-Verlag, Berlin.
19. Lee, W., Stolfo, S.J., Chan, P.K., Eskin Wofan, E., Miller, M., Hershkop, S. and Zhang, J. (2001), "Real time data mining-based intrusion detection", available at: www.cs.columbia.edu/ids.2001
20. Lippman, R.P. et al. (2000), "Evaluating intrusion detection systems: the 1998 DARPA offline intrusion detection evaluation", DISCEX 2000, January.
21. Lundin, E. and Jonsson, E. (1999), "Privacy vs intrusion detection analysis", Proceedings of the 2nd International Workshop on the Recent Advances in Intrusion Detection - RAID'99, West Lafayette, IN, September 7-9.
22. Lundin, E. and Jonsson, E. (2002), Survey of Intrusion Detection Research, Technical Report no. 02-04, Department of Computer Engineering, Chalmers University of Technology, Göteborg.
23. Mounji, A. (1997), "Languages and tools for rule-based distributed intrusion detection", PhD thesis, Faculté Universitaire Notre de la Paix de Namur, September.
24. Paxon, V. (1998), "Bro: a system for detecting network intruders in realtime", Proceedings of the 7th USENIX Security Symposium, pp. 31-51.
25. Puketza, N.J., Zhang, K., Chung, M., Mukherjee, B. and Olsson, R.A. (1996), "A methodology for testing intrusion detection systems", Software Engineering, Vol. 22, No. 10, pp. 719-29.
26. Shipley, G. (1999), "Intrusion detection, take two", Network Computing, 15 November, available at: www.nwc.com/1023/1023fl.html
27. Snapp, S.R., Smaha, S.E., Teal, D.M. and Grance, T. (1992), "The DIDS (distributed intrusion detection system) prototype", Proceedings of the Summer USENIX Conference, pp. 227-33.
28. Valdes, A. and Skinner, K. (2001), "Probabilistic alert correlation", Recent Advances in Intrusion Detection (RAID 2001), No. 2212 in Lecture Notes in Computer Science, Springer-Verlag, Davis, CA, October.