



Volume 4, Issue 1, 2007, Pages 41-55

Hybrid intrusion detection with weighted signature generation over anomalous internet episodes

Author keywords

Anomaly detection; False alarms; Internet episodes; Intrusion detection systems; Network security; Signature generation; SNORT and Bro systems; Traffic data mining

Indexed keywords

DATA MINING; DATA TRANSFER; DATABASE SYSTEMS; ELECTRONIC DOCUMENT IDENTIFICATION SYSTEMS; INTERNET; TELECOMMUNICATION TRAFFIC;

EID: 33847743856     PISSN: 15455971     EISSN: None     Source Type: Journal    
DOI: 10.1109/TDSC.2007.9     Document Type: Article
Times cited : (141)

References (34)
  • 3
    • 33847742744
    • WormShield: Fast Worm Signature Generation Using Distributed Fingerprint Aggregation
    • to be published in
    • M. Cai, K. Hwang, J. Pan, and C. Papadopoulos, "WormShield: Fast Worm Signature Generation Using Distributed Fingerprint Aggregation," to be published in IEEE Trans. Dependable and Secure Computing, 2007.
    • (2007) IEEE Trans. Dependable and Secure Computing
    • Cai, M.; Hwang, K.; Pan, J.; Papadopoulos, C.
  • 4
    • 33847324610
    • SNORT 2.1, Intrusion Detection
    • second ed, May
    • B. Caswell and J. Beale, SNORT 2.1, Intrusion Detection, second ed. Syngress, May 2004.
    • (2004) Syngress
    • Caswell, B.; Beale, J.
  • 6
    • 84867339043
    • Alert Correlation in a Cooperative Intrusion Detection Framework
    • F. Cuppens and A. Miege, "Alert Correlation in a Cooperative Intrusion Detection Framework," Proc. 2002 IEEE Symp. Security and Privacy, pp. 187-200, 2002.
    • (2002) Proc. 2002 IEEE Symp. Security and Privacy, pp. 187-200
    • Cuppens, F.; Miege, A.
  • 11
  • 12
    • 0035416013
    • Difficulties in Simulating the Internet
    • Aug
    • S. Floyd and V. Paxson, "Difficulties in Simulating the Internet," IEEE/ACM Trans. Networking, vol. 9, no. 4, pp. 392-403, Aug. 2001.
    • (2001) IEEE/ACM Trans. Networking, vol. 9, Issue 4, pp. 392-403
    • Floyd, S.; Paxson, V.
  • 14
    • 33846144789
    • DHT-Based Security Infrastructure for Trusted Internet and Grid Computing
    • Dec
    • K. Hwang, Y. Kwok, S. Song, M. Cai, Y. Chen, and Y. Chen, "DHT-Based Security Infrastructure for Trusted Internet and Grid Computing," Int'l J. Critical Infrastructures, vol. 2, no. 4, pp. 412-433, Dec. 2006.
    • (2006) Int'l J. Critical Infrastructures, vol. 2, Issue 4, pp. 412-433
    • Hwang, K.; Kwok, Y.; Song, S.; Cai, M.; Chen, Y.; Chen, Y.
  • 18
    • 0034455983
    • Adaptive Intrusion Detection: A Data Mining Approach
    • Kluwer Academic Publishers, Dec
    • W. Lee, S.J. Stolfo, and K. Mok, "Adaptive Intrusion Detection: A Data Mining Approach," Artificial Intelligence Rev., vol. 14, no. 6, pp. 533-567, Kluwer Academic Publishers, Dec. 2000.
    • (2000) Artificial Intelligence Rev., vol. 14, Issue 6, pp. 533-567
    • Lee, W.; Stolfo, S.J.; Mok, K.
  • 21
    • 35248857893
    • An Analysis of the 1999 DARPA/Lincoln Lab Evaluation Data for Network Anomaly Detection
    • Sept
    • M.V. Mahoney and P.K. Chan, "An Analysis of the 1999 DARPA/Lincoln Lab Evaluation Data for Network Anomaly Detection," Proc. Int'l Symp. Recent Advances in Intrusion Detection, pp. 220-237, Sept. 2003.
    • (2003) Proc. Int'l Symp. Recent Advances in Intrusion Detection, pp. 220-237
    • Mahoney, M.V.; Chan, P.K.
  • 23
    • 85019691440
    • Testing Intrusion Detection Systems: A Critique of the 1998 and 1999 DARPA Off-line Intrusion Detection System Evaluation as Performed by Lincoln Laboratory
    • Nov
    • J. McHugh, "Testing Intrusion Detection Systems: A Critique of the 1998 and 1999 DARPA Off-line Intrusion Detection System Evaluation as Performed by Lincoln Laboratory," ACM Trans. Information and System Security, vol. 3, no. 4, Nov. 2000.
    • (2000) ACM Trans. Information and System Security, vol. 3, Issue 4
    • McHugh, J.
  • 24
    • 84883386223
    • Abstraction-Based Intrusion Detection in Distributed Environments
    • Nov
    • P. Ning, S. Jajodia, and X.S. Wang, "Abstraction-Based Intrusion Detection in Distributed Environments," ACM Trans. Information and System Security, vol. 4, no. 4, pp. 407-452, Nov. 2001.
    • (2001) ACM Trans. Information and System Security, vol. 4, Issue 4, pp. 407-452
    • Ning, P.; Jajodia, S.; Wang, X.S.
  • 25
    • 0038282217
    • Modern Intrusion Detection, Data Mining, and Degrees of Attack Guilt
    • D. Barbara and S. Jajodia, eds, Kluwer Academic Publishers
    • S. Noel, D. Wijesekera, and C. Youman, "Modern Intrusion Detection, Data Mining, and Degrees of Attack Guilt," Applications of Data Mining in Computer Security, D. Barbara and S. Jajodia, eds., Kluwer Academic Publishers, 2002.
    • (2002) Applications of Data Mining in Computer Security
    • Noel, S.; Wijesekera, D.; Youman, C.
  • 26
    • 85084164413
    • Bro: A System for Detecting Network Intrusions in Real Time
    • V. Paxson, "Bro: A System for Detecting Network Intrusions in Real Time," Proc. Seventh USENIX Security Symp., 1998.
    • (1998) Proc. Seventh USENIX Security Symp.
    • Paxson, V.
  • 27
    • 0002629036
    • EMERALD: Event Monitoring Enabling Responses to Anomalous Live Disturbances
    • Oct
    • P.A. Porras and P.G. Neumann, "EMERALD: Event Monitoring Enabling Responses to Anomalous Live Disturbances," Proc. 19th Nat'l Computer Security Conf., pp. 353-365, Oct. 1997.
    • (1997) Proc. 19th Nat'l Computer Security Conf., pp. 353-365
    • Porras, P.A.; Neumann, P.G.
  • 33
    • 0029756282
    • Cooperating Security Managers: A Peer-Based Intrusion Detection System
    • Jan
    • G.B. White, E.A. Fisch, and U.W. Pooch, "Cooperating Security Managers: A Peer-Based Intrusion Detection System," IEEE Network, pp. 20-23, Jan. 1996.
    • (1996) IEEE Network, pp. 20-23
    • White, G.B.; Fisch, E.A.; Pooch, U.W.


* This information was analyzed and extracted by KISTI from Elsevier's SCOPUS DB.