



Volume 38, Issue 5, 2008, Pages 649-659

Random-forests-based network intrusion detection systems

Author keywords

Computer network security; Data mining; Intrusion detection; Random forests

Indexed keywords

ADMINISTRATIVE DATA PROCESSING; ALGORITHMS; BOOLEAN FUNCTIONS; COMPUTER CRIME; COMPUTER NETWORKS; DATA MINING; DECISION SUPPORT SYSTEMS; INFORMATION MANAGEMENT; INTERNET; MINING; RANDOM PROCESSES; SECURITY OF DATA; SIGNAL DETECTION;

EID: 50649094035     PISSN: 10946977     EISSN: None     Source Type: Journal    
DOI: 10.1109/TSMCC.2008.923876     Document Type: Article
Times cited : (460)

References (39)
  • 1
    • 50649120504
    • CSI/FBI Computer Crime and Security Survey
    • CSI/FBI Computer Crime and Security Survey. (2004). Computer Security Inst., San Francisco, CA. [Online]. Available: http://www.issa-sac.org/docs/FBI2004.pdf
    • (2004) Computer Security Inst
  • 2
    • 0041382385
    • L. Breiman and A. Cutler, Random Forests. (2006). [Online]. Available: http://stat-www.berkeley.edu/users/breiman/RandomForests/cchome.htm
    • (2006) Random Forests
    • Breiman, L.1    Cutler, A.2
  • 3
    • 50649089728
    • DARPA Intrusion Detection Evaluation
    • DARPA Intrusion Detection Evaluation. (2006). [Online]. Available: http://www.ll.mit.edu/IST/ideval/
    • (2006)
  • 5
    • 50649088095
    • WEKA software
    • WEKA software. (2006). [Online]. Available: http://www.cs.waikato.ac.nz/ml/weka/
    • (2006)
  • 6
    • 3543127088
    • T. Abraham, "IDDM: Intrusion detection using data mining techniques," DSTO Electron. Surveill. Res. Lab., Salisbury, Australia, Tech. Rep. DSTO-GD-0286, May 2001.
    • (2001) IDDM: Intrusion detection using data mining techniques
    • Abraham, T.1
  • 12
    • 0035478854
    • Random forests
    • L. Breiman, "Random forests," Mach. Learn., vol. 45, pp. 5-32, 2001.
    • (2001) Mach. Learn , vol.45 , pp. 5-32
    • Breiman, L.1
  • 14
    • 0038428854
    • Results of the KDD'99 classifier learning
    • C. Elkan, "Results of the KDD'99 classifier learning," SIGKDD Explorations, vol. 1, no. 2, pp. 63-64, 2000.
    • (2000) SIGKDD Explorations , vol.1 , Issue.2 , pp. 63-64
    • Elkan, C.1
  • 19
    • 84885774862
    • A framework for constructing features and models for intrusion detection systems
    • W. Lee and S. Stolfo, "A framework for constructing features and models for intrusion detection systems," ACM Trans. Inf. Syst. Secur., vol. 3, no. 4, pp. 227-261, Nov. 2000.
    • (2000) ACM Trans. Inf. Syst. Secur , vol.3 , Issue.4 , pp. 227-261
    • Lee, W.1    Stolfo, S.2
  • 20
    • 85084163349
    • Data mining approaches for intrusion detection
    • W. Lee and S. Stolfo, "Data mining approaches for intrusion detection," in Proc. 7th USENIX Secur. Symp., San Antonio, TX, Jan. 1998, pp. 79-83.
    • (1998) Proc. 7th USENIX Secur. Symp , pp. 79-83
    • Lee, W.1    Stolfo, S.2
  • 21
    • 84868695480
    • Unsupervised anomaly detection in network intrusion detection using clusters
    • K. Leung and C. Leckie, "Unsupervised anomaly detection in network intrusion detection using clusters," in Proc. 28th Australasian CS Conf., Newcastle, Australia, Jan. 2005, vol. 38, pp. 333-342.
    • (2005) Proc. 28th Australasian CS Conf , vol.38 , pp. 333-342
    • Leung, K.1    Leckie, C.2
  • 22
    • 6344240057
    • Algorithms for spatial outlier detection
    • C. Lu, D. Chen, and Y. Kou, "Algorithms for spatial outlier detection," in Proc. 3rd IEEE Int. Conf. Data Mining, Melbourne, FL, Nov. 2003, pp. 597-600.
    • (2003) Proc. 3rd IEEE Int. Conf. Data Mining , pp. 597-600
    • Lu, C.1    Chen, D.2    Kou, Y.3
  • 23
    • 35248857893
    • An analysis of the 1999 DARPA/Lincoln Laboratory evaluation data for network anomaly detection
    • M. Mahoney and P. Chan, "An analysis of the 1999 DARPA/Lincoln Laboratory evaluation data for network anomaly detection," in Proc. Recent Adv. Intrusion Detect. (RAID), Pittsburgh, PA, Sep. 2003, Lecture Notes in Computer Science, vol. 2820, pp. 220-237.
    • (2003) Lecture Notes in Computer Science , vol.2820 , pp. 220-237
    • Mahoney, M.1    Chan, P.2
  • 24
    • 3042514639
    • Fuzzy data mining and genetic algorithms applied to intrusion detection
    • S. Bridges and R. Vaughn, "Fuzzy data mining and genetic algorithms applied to intrusion detection," in Proc. Nat. Inf. Syst. Secur. Conf. (NISSC), Baltimore, MD, Oct. 2000, pp. 13-31.
    • (2000) Proc. Nat. Inf. Syst. Secur. Conf. (NISSC) , pp. 13-31
    • Bridges, S.1    Vaughn, R.2
  • 25
    • 33750944427
    • Ensemble learning for prediction
    • B. Popescu and J. Friedman, "Ensemble learning for prediction," Doctoral dissertation, Stanford Univ., Stanford, CA, Jan. 2004.
    • (2004)
    • Popescu, B.1    Friedman, J.2
  • 26
    • 35248842651
    • Detecting anomalous network traffic with self-organizing maps
    • M. Ramadas, S. Ostermann, and B. Tjaden, "Detecting anomalous network traffic with self-organizing maps," in Proc. Recent Adv. Intrusion Detect. (RAID), Pittsburgh, PA, Sep. 2003, Lecture Notes in Computer Science, vol. 2820, pp. 36-54.
    • (2003) Lecture Notes in Computer Science , vol.2820 , pp. 36-54
    • Ramadas, M.1    Ostermann, S.2    Tjaden, B.3
  • 28
    • 84958984156
    • Undermining an anomaly based intrusion detection system using common exploits
    • K. Tan, K. Killourhy, and R. Maxion, "Undermining an anomaly based intrusion detection system using common exploits," in Proc. Recent Adv. Intrusion Detect. (RAID), Zurich, Switzerland, Oct. 2002, pp. 54-73.
    • (2002) Proc. Recent Adv. Intrusion Detect. (RAID) , pp. 54-73
    • Tan, K.1    Killourhy, K.2    Maxion, R.3
  • 29
    • 21644481499
    • A serial combination of anomaly and misuse IDSes applied to HTTP traffic
    • E. Tombini, H. Debar, L. Me, and M. Ducasse, "A serial combination of anomaly and misuse IDSes applied to HTTP traffic," in Proc. 20th Annu. Comput. Secur. Appl. Conf., Tucson, AZ, Dec. 2004, pp. 428-437.
    • (2004) Proc. 20th Annu. Comput. Secur. Appl. Conf , pp. 428-437
    • Tombini, E.1    Debar, H.2    Me, L.3    Ducasse, M.4
  • 30
    • 33746076451
    • One-class support vector machine for anomaly network traffic detection
    • Q. Tran, H. Duan, and X. Li, "One-class support vector machine for anomaly network traffic detection," presented at the 2nd Netw. Res. Workshop 18th APAN, Cairns, Australia, Jul. 2004.
    • (2004) 2nd Netw. Res. Workshop 18th APAN
    • Tran, Q.1    Duan, H.2    Li, X.3
  • 31
    • 51349159085
    • Probability estimates for multi-class classification by pairwise coupling
    • T. Wu, C. Lin, and R. Weng, "Probability estimates for multi-class classification by pairwise coupling," J. Mach. Learn. Res., vol. 5, pp. 975-1005, Dec. 2004.
    • (2004) J. Mach. Learn. Res , vol.5 , pp. 975-1005
    • Wu, T.1    Lin, C.2    Weng, R.3
  • 32
  • 33
    • 33750955638
    • A hybrid network intrusion detection technique using random forests
    • J. Zhang and M. Zulkernine, "A hybrid network intrusion detection technique using random forests," in Proc. Int. Conf. Availability, Reliability Secur. (AReS). Vienna, Austria: IEEE CS Press, Apr. 2006, pp. 262-269.
    • (2006) Proc. Int. Conf. Availability, Reliability Secur. (AReS) , pp. 262-269
    • Zhang, J.1    Zulkernine, M.2
  • 34
    • 42549142161
    • Anomaly based network intrusion detection with unsupervised outlier detection
    • J. Zhang and M. Zulkernine, "Anomaly based network intrusion detection with unsupervised outlier detection," in Proc. IEEE Int. Conf. Commun. (ICC) - Symp. Netw. Secur. Inf. Assur., Istanbul, Turkey, Jun. 2006, vol. 5, pp. 2388-2393.
    • (2006) Proc. IEEE Int. Conf. Commun. (ICC) - Symp. Netw. Secur. Inf. Assur , vol.5 , pp. 2388-2393
    • Zhang, J.1    Zulkernine, M.2
  • 35
  • 36
    • 28444460711
    • Distributed intrusion detection based on clustering
    • Y. Zhang, Y. Zhong, and X. Wang, "Distributed intrusion detection based on clustering," in Proc. 4th Int. Conf. Mach. Learn. Cybern., Guangzhou, China, Aug. 2005, vol. 4, pp. 2379-2383.
    • (2005) Proc. 4th Int. Conf. Mach. Learn. Cybern , vol.4 , pp. 2379-2383
    • Zhang, Y.1    Zhong, Y.2    Wang, X.3
  • 37
    • 33748846781
    • Network-based intrusion detection using adaboost algorithm
    • W. Hu and W. Hu, "Network-based intrusion detection using adaboost algorithm," in Proc. IEEE/WIC/ACM Int. Conf. Web Intell., Sep. 2005, pp. 712-717.
    • (2005) Proc. IEEE/WIC/ACM Int. Conf. Web Intell , pp. 712-717
    • Hu, W.1    Hu, W.2
  • 38
    • 85019691440
    • Testing intrusion detection systems: A critique of the 1998 and 1999 DARPA offline intrusion detection system evaluation as performed by Lincoln Laboratory
    • J. McHugh, "Testing intrusion detection systems: A critique of the 1998 and 1999 DARPA offline intrusion detection system evaluation as performed by Lincoln Laboratory," ACM Trans. Inf. Syst. Secur., vol. 3, no. 4, pp. 262-294, Nov. 2000.
    • (2000) ACM Trans. Inf. Syst. Secur , vol.3 , Issue.4 , pp. 262-294
    • McHugh, J.1
  • 39
    • 0034455983
    • Adaptive intrusion detection: A data mining approach
    • W. Lee, S. Stolfo, and K. Mok, "Adaptive intrusion detection: A data mining approach," Artif. Intell. Rev., vol. 14, pp. 533-567, Dec. 2000.
    • (2000) Artif. Intell. Rev , vol.14 , pp. 533-567
    • Lee, W.1    Stolfo, S.2    Mok, K.3


* This information was analyzed and extracted by KISTI from Elsevier's SCOPUS DB.