Mining network traffic data for attacks through MOVICAB-IDS

Studies in Computational Intelligence

Volumn 204, Issue , 2009, Pages 377-394

  Herrero, Álvaro ^a   Corchado, Emilio ^a  

^a UNIVERSITY OF BURGOS   (Spain)

Author keywords

Artificial Neural Networks; Computer Network Security; Data Mining; Intrusion Detection; Unsupervised Learning

Indexed keywords

EID: 65549109478     PISSN: 1860949X     EISSN: None     Source Type: Book Series    
DOI: 10.1007/978-3-642-01088-0_16     Document Type: Article

References (50)

1. Case, J., Fedor, M.S., Schoffstall, M.L., Davin, C.: Simple Network Management Protocol (SNMP). RFC-1157. (1990)
2. Lu, W., Traore, I.: Detecting New Forms of Network Intrusion Using Genetic Programming. Computational Intelligence 20(3), 475-494 (2004)
3. Julisch, K.: Chapter 1 - Data Mining for Intrusion Detection: A Critical Review. In: Applications of Data Mining in Computer Security. Advances in Information Security. Springer, Heidelberg (2002)
4. Lee, W., Stolfo, S.J.: A framework for constructing features and models for intrusion detection systems. In: ACM Transactions on Information and System Security (TIS-SEC), vol. 3(4), pp. 227-261. ACM Press, New York (2000)
5. Liao, Y.H., Vemuri, V.R.: Use of K-Nearest Neighbor Classifier for Intrusion Detection. Computers & Security 21(5), 439-448 (2002)
6. Lee, W., Stolfo, S.J., Mok, K.W.: Adaptive Intrusion Detection: A Data Mining Approach. Artificial Intelligence Review 14(6), 533-567 (2000)
7. Giacinto, G., Roli, F., Didaci, L.: Fusion of Multiple Classifiers for Intrusion Detection in Computer Networks. Pattern Recognition Letters 24(12), 1795-1803 (2003)
8. Chebrolu, S., Abraham, A., Thomas, J.P.: Feature Deduction and Ensemble Design of Intrusion Detection Systems. Computers & Security 24(4), 295-307 (2005)
9. Denning, D.E.: An Intrusion-Detection Model. IEEE Transactions on Software Engineering 13(2), 222-232 (1987)
10. Lunt, T.F.: IDES: An Intelligent System for Detecting Intruders. In: Proceedings of the Symposium: Computer Security, Threat and Countermeasures (1990)
11. Vaccaro, H.S., Liepins, G.E.: Detection of Anomalous Computer Session Activity. In: Liepins, G.E. (ed.) Proceedings of the 1989 IEEE Symposium on Security and Privacy, pp. 280-289 (1989)
12. Sebring, M., Shellhouse, E., Hanna, M., Whitehurst, R.: Expert Systems in Intrusion Detection: A Case Study. In: Proceedings of the 11th National Computer Security Conference, pp. 74-81 (1988)
13. Zanero, S., Savaresi, S.: Unsupervised Learning Techniques for an Intrusion Detection System. In: Proc. of the ACM Symposium on Applied Computing, pp. 412-419 (2004)
14. Corchado, E., Herrero, A., Sáiz, J.M.: Detecting Compounded Anomalous SNMP Situations Using Cooperative Unsupervised Pattern Recognition. In: Duch, W., Kacprzyk, J., Oja, E., Zadro ny, S. (eds.) ICANN 2005. LNCS, vol. 3697, pp. 905-910. Springer, Heidelberg (2005)
15. Herrero, A., Corchado, E., Sáiz, J.M.: An Unsupervised Cooperative Pattern Recognition Model to Identify Anomalous Massive SNMP Data Sending. In: Wang, L., Chen, K., S. Ong, Y. (eds.) ICNC 2005. LNCS, vol. 3610, pp. 778-782. Springer, Heidelberg (2005)
16. Sarasamma, S.T., Zhu, Q.M.A., Huff, J.: Hierarchical Kohonenen Net for Anomaly Detection in Network Security. IEEE Transactions on Systems Man and Cybernetics, Part B 35(2), 302-312 (2005)
17. Mukkamala, S., Sung, A.H.: Feature Selection for Intrusion Detection Using Neural Networks and Support Vector Machines. Transportation Security and Infrastructure Protection, 33-39 (2003)
18. Zhang, C.L., Jiang, J., Kamel, M.: Intrusion Detection Using Hierarchical Neural Networks. Pattern Recognition Letters 26(6), 779-791 (2005)
19. Marchette, D.J.: Computer Intrusion Detection and Network Monitoring: A Statistical Viewpoint. Information Science and Statistics. Springer, New York (2001)
20. Roesch, M.: Snort-Lightweight Intrusion Detection for Networks. In: Proc. of the 13th Systems Administration Conf (LISA 1999), pp. 229-238 (1999)
21. Muelder, C., Ma, K.L., Bartoletti, T.: Interactive Visualization for Network and Port Scan Detection. In: Zamboni, D., Kruegel, C. (eds.) RAID 2005. LNCS, vol. 3858, pp. 265-283. Springer, Heidelberg (2006)
22. Nyarko, K., Capers, T., Scott, C., Ladeji-Osias, K.A.: Network Intrusion Visualization with NIVA, an Intrusion Detection Visual Analyzer with Haptic Integration. In: Capers, T. (ed.) Proceedings of the 10th Symposium on Haptic Interfaces for Virtual Environment and Teleoperator Systems, 2002 (HAPTICS 2002), pp. 277-284 (2002)
23. Labib, K., Vemuri, V.R.: An Application of Principal Component Analysis to the Detection and Visualization of Computer Network Attacks. Annals of Telecommunications 61(1-2), 218-234 (2006)
24. Becker, R.A., Eick, S.G., Wilks, A.R.: Visualizing Network Data. IEEE Transactions on Visualization and Computer Graphics 1(1), 16-28 (1995)
25. Ren, P., Gao, Y., Li, Z.C., Chen, Y., Watson, B.: IDGraphs: Intrusion Detection and Analysis Using Stream Compositing. IEEE Computer Graphics and Applications 26(2), 28-39 (2006)
26. Ahlberg, C., Shneiderman, B.: Visual Information Seeking: Tight Coupling of Dynamic Query Filters with Starfield Displays. In: Readings in information visualization: Using vision to think, pp. 244-250. Morgan Kaufmann Publishers Inc., San Francisco (1999)
27. Wooldridge, M., Jennings, N.R.: Agent theories, architectures, and languages: A survey. Intelligent Agents (1995)
28. Aamodt, A., Plaza, E.: Case-Based Reasoning - Foundational Issues, Methodological Variations, and System Approaches. AI Communications 7(1), 39-59 (1994)
29. Chuvakin, A.: Monitoring IDS. Information Security Journal: A Global Perspective 12(6), 12-16 (2004)
30. Hotelling, H.: Analysis of a Complex of Statistical Variables Into Principal Components. Journal of Education Psychology 24, 417-444 (1933)
31. Pearson, K.: On Lines and Planes of Closest Fit to Systems of Points in Space. Philosophical Magazine 2(6), 559-572 (1901)
32. Oja, E.: Neural networks, principal components, and subspaces. Int. Journal of Neural Systems 1, 61-68 (1989)
33. Friedman, J.H., Tukey, J.W.: A Projection Pursuit Algorithm for Exploratory Data-Analysis. IEEE Transactions on Computers 23(9), 881-890 (1974)
34. Diaconis, P., Freedman, D.: Asymptotics of Graphical Projection Pursuit. The Annals of Statistics 12(3), 793-815 (1984)
35. Corchado, E., MacDonald, D., Fyfe, C.: Maximum and Minimum Likelihood Hebbian Learning for Exploratory Projection Pursuit. Data Mining and Knowledge Discovery 8(3), 203-225 (2004)
36. Fyfe, C., Corchado, E.: Maximum Likelihood Hebbian Rules. In: Proc. of the 10th European Symposium on Artificial Neural Networks (ESANN 2002), pp. 143-148 (2002)
37. Corchado, E., Fyfe, C.: Connectionist Techniques for the Identification and Suppression of Interfering Underlying Factors. Int. Journal of Pattern Recognition and Artificial Intelligence 17(8), 1447-1466 (2003)
38. Corchado, E., Han, Y., Fyfe, C.: Structuring Global Responses of Local Filters Using Lateral Connections. Journal of Experimental & Theoretical Artificial Intelligence 15(4), 473-487 (2003)
39. Seung, H.S., Socci, N.D., Lee, D.: The Rectified Gaussian Distribution. Advances in Neural Information Processing Systems 10, 350-356 (1998)
40. Kohonen, T.: The Self-Organizing Map. Proceedings of the IEEE 78(9), 1464-1480 (1990)
41. Ritter, H., Martinetz, T., Schulten, K.: Neural Computation and Self-Organizing Maps; An Introduction. Addison-Wesley Longman Publishing Co., Inc. (1992)
42. Carrascosa, C., Bajo, J., Julián, V., Corchado, J.M., Botti, V.: Hybrid Multi-agent Architecture as a Real-Time Problem-Solving Model. Expert Systems with Applications: An International Journal 34(1), 2-17 (2008)
43. Corchado, J.M., Laza, R.: Constructing Deliberative Agents with Case-Based Reasoning Technology. International Journal of Intelligent Systems 18(12), 1227-1241 (2003)
44. Pellicer, M.A., Corchado, J.M.: Development of CBR-BDI Agents. International Journal of Computer Science and Applications 2(1), 25-32 (2005)
45. Case, J., Fedor, M.S., Schoffstall, M.L., Davin, C.: Simple Network Management Protocol (SNMP). RFC- 1157 (1990)
46. Cisco Secure Consulting. Vulnerability Statistics Report (2000)
47. Myerson, J.M.: Identifying Enterprise Network Vulnerabilities. Int. Journal of Network Management 12(3), 135-144 (2002)
48. Postel, J.: IAB Official Protocol Standards. RFC-1100 (1989)
49. Stephen, L.: The Spinning Cube of Potential Doom. Commun. ACM 47(6), 25-26 (2004)
50. Kulsoom, A., Lee, C., Conti, G., Copeland, J.A.: Visualizing Network Data for Intrusion Detection. In: Proc. of the Sixth Annual IEEE Information Assurance Workshop - Systems, Man and Cybernetics (SMC), 2005, pp. 100-108 (2005)