On the use of decision trees as behavioral approaches in intrusion detection

Proceedings - 7th International Conference on Machine Learning and Applications, ICMLA 2008

Volumn , Issue , 2008, Pages 665-670

  Tabia, Karim ^a   Benferhat, Salem ^a  

^a UNIVERSITÉ D'ARTOIS   (France)

Author keywords

[No Author keywords available]

Indexed keywords

INTRUSION DETECTION; ROBOT LEARNING;

ANOMALY DETECTIONS; BEHAVIOR DETECTIONS; BEHAVIORAL APPROACHES; EXPERIMENTAL STUDIES; HTTP TRAFFICS; MDL PRINCIPLES; MINIMUM DESCRIPTION LENGTH PRINCIPLES; MINIMUM SUBSETS; NORMAL BEHAVIORS; WEB ATTACKS;

DECISION TREES;

EID: 60649109609     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/ICMLA.2008.63     Document Type: Conference Paper

References (21)

1. Nahla Ben Amor, Salem Benferhat, and Zied Elouedi, Naive bayes vs decision trees in intrusion detection systems. In SAC'04: Proceedings of the 2004 ACM symposium on Applied computing, pages 420-424, New York. NY, USA, 2004. ACM.
2. Stefan Axelsson. Intrusion detection systems: A survey and taxonomy. Technical Report 99-15. Chalmers Univ.. March 2000.
3. Daniel Barbará, Ningning Wu, and Sushil Jajodia. Detecting novel network intrusions using bayes estimators. In Proceedings of the First SIAM Conference on Data Mining, April 2001.
4. S. Benferhat and K. Tabia. On the detection of novel attacks using behavioral approaches, 3rd international conference on software and data technologies icsoft'08, porto, portugal, 2008.
5. S. Benferhat and K. Tabia. Classification features for detecting serverside and client-side web attacks. In SEC2008 : 23rd International Security Conference. Milan. Italy, 2008.
6. Salem Benferhat and Karim Tabia. On the combination of naive bayes and decision trees for intrusion detection. In CIMCA05, pages 211-216, 2005.
7. Salem Benferhat, Karim Tabia, and Yassine Djouadi. Integrating anomaly-based detection with bayesian-decision tree classifiers. In International Conference on Advances in Information and Communication Technologies ICICOT07, Manipal. India, 2007.
8. Yacine Bouzida and Frédéric Cupens. Detecting known and novel network intrusion. In 21st IFIP international information security conference, 22-24 may, Karlstad University, Karlstad, Sweden, 2006.
9. L. Breiman, J. Friedman, R. Olshen, and C. Stone. Classification and Regression Trees. Wadsworth and Brooks, Monterey, CA, 1984.
10. Charles Elkan. Results of the kdd'99 classifier learning. SIGKDD Explorations. 1 (2):63-64, 2000.
11. Kenneth L. Ingham and Hajime Inoue. Comparing anomaly detection techniques for http. In RAID, pages 42-62, 2007.
12. Wenke Lee. A data mining framework for constructing features and models for intrusion detection systems. PhD thesis, NY, USA, 1999.
13. Richard Lippmann, Joshua W. Haines, David J. Fried, Jonathan Korba, and Kumar Das. The 1999 darpa off-line intrusion detection evaluation. Comput. Networks, 34 (4):579-595, 2000.
14. Peter G. Neumann and Phillip A. Porras. Experience with EMERALD to date. pages 73-80. 1999.
15. J. R. Quinlan. Induction of decision trees. Much. Learn., 1 (1), 1986.
16. J. Ross Quinlan. C4.5: programs for machine learning. Morgan Kaufmann Publishers Inc.. San Francisco. CA. USA. 1993.
17. J Rissanen. Modelling by the shortest data description. Automatica, 14:465-471, 1978.
18. Abdallah Abbey Sebyala, Temitope Olukemi, and Lionel Sacks. Active platform security through intrusion detection using naive bayesian network for anomaly detection. In Proceedings of the London Communications Symposium 2002, 2002.
19. Snort. Snort: The open source network intrusion detection system. http://www.snort.org. 2002.
20. Elvis Tombini, Herve Debar, Ludovic Me, and Mireille Ducasse. A serial combination of anomaly and misuse idses applied to http traffic. In ACSAC'04: Proceedings of the 20th Annual Computer Security Applications Conference (ACSAC04), pages 428-437, 2004.
21. Alfonso Valdes and Keith Skinner. Adaptive, model-based monitoring for cyber attack detection. In Recent Advances in Intrusion Detection, pages 80-92, 2000.