An adaptive expert system approach for intrusion detection

International Journal of Security and Networks

Volumn 1, Issue 3-4, 2006, Pages 206-217

  Owens, Stephen F ^a   Levary, Reuven R ^a  

^a SAINT LOUIS UNIVERSITY   (United States)

Author keywords

adaptive expert systems; computer security; fuzzy sets; intruder detection

Indexed keywords

EID: 77955290752     PISSN: 17478405     EISSN: 17478413     Source Type: Journal    
DOI: 10.1504/ijsn.2006.011780     Document Type: Article

References (30)

1. Anonymous (2000) ‘Intrusion detection systems stymie network hackers’, Security, Vol. 37, No. 7, pp.58–60.
2. Bauer, D.S., Eichelman II., F.R., Herrera, R.M. and Irgon, A.E. (1989) ‘Intrusion detection: an application of expert systems to computer security’, Proceedings of the International Carnahan Conference on Security Technology, pp.97–100.
3. Bernstein, T., Bhimani, A., Schultz, E. and Siegel, C. (1996) Internet Security for Business, New York: John Wiley & Sons.
4. Cabrera, J.B.D., Lewis, L., Qin, X., Lee, W., Prasanth, R.K., Ravichandran, B. and Mehra, R.K. (2001) ‘Proactive detection of distributed denial of service attacks using MIB traffic variables – a feasibility study’, Proceedings of the Seventh IFIP/IEEE International Symposium on Integrated Network Management, May, Seattle, WA.
5. Cabrera, J.B.D., Lewis, L.M., Qin, X., Gutierrez, C., Lee, W. and Mehra, R.K. (2003) ‘Proactive intrusion detection and SNMP – based security management: new experiments and validation’, Integrated Network Management, pp.93–96.
6. Cheung, S., Lindqvist, U. and Fong, M.W. (2003) Modeling Multi Step Cyber Attacks for Scenario Recognition, DARPA Information Survivability Conference, Washington, DC.
7. Denault, M., Gritzalis, D., Karagiannis, D. and Spirakis, P. (1994) ‘Intrusion detection: approach and performance issues of the SECURENET system’, Computers and Security, Vol. 13, pp.495–508.
8. Denning, D.E. (1987) ‘An intrusion-detection model’, IEEE Transactions on Software Engineering, SE-13, No. 2, pp.222–232.
9. Dhar, V. and Stein, R. (1997) Intelligent Decision Support Methods, Upper Saddle River: Prentice-Hall, Inc.
10. Eskin, E., Miller, M., Zhong, Z., Yi, G., Lee, W. and Stelfe, S. (2000) ‘Adaptive model generation for intrusion detection systems’, Workshop on Intrusion Detection and Prevention, Seventh ACM Conference on Computer Security, November, Athens, Greece.
11. Gao, D., Reiter, M.K. and Song, D. (2004) ‘On gray – box program tracking for anomaly detection’, Thirteenth USEIX Security Symposium, August, San Diego, CA, pp.9–13.
12. Giarratano, J.C. (1998) CLIPS User’s Guide, Version 6.10.
13. Haines, J.W., Rossey, L.M. and Lippmann, R.P. (2001) ‘Extending the DARPA off-line intrusion detection evaluation’, Proceedings of DISCEX, June, Anaheim, CA, pp.11–12.
14. Hulten, G., Spencer, L. and Domingos, P. (2001) ‘Mining time-changing data streams’, Proceedings of the Seventh ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, August, San Francisco, CA.
15. Iheagwara, C., Blyth, A. and Singhal, M. (2003) ‘A comparative experimental evaluation study of intrusion detection system performance in a gigabit environment’, Journal of Computer Security, Vol. 11, No. 1, pp.1–33.
16. Ilgun, K., Kemmerer, R.A. and Porras, P.A. (1995) ‘State transition analysis: a rule based intrusion detection system’, IEEE Transactions on Software Engineering, Vol. 21, No. 3, pp.181–189.
17. Kerschbaum, F., Spafford, E.H. and Zamboni, D. (2002) ‘Using internal sensors and embedded detectors for intrusion detection’, Journal of Computer Security, Vol. 11, Nos. 1/2, pp.23–70.
18. Ko, C. (2000) ‘Logic induction of valid behavior specifications for intrusion detection’, IEEE Symposium on Security and Privacy, May, Oakland, CA.
19. Larson, E. and Austin, T. (2003) ‘High coverage detection of input-related security faults’, Twelfth USENIX Security Symposium, August, Washington, DC, pp.4–8.
20. Lee, W., Stolfo, S.J. and Mok, K. (1999) ‘Data mining in work flow environment experiences in intrusion detection’, Proceedings of the Fifth ACM SIGKDD Conference on Knowledge Discovery and Data Mining, August, San Diego, CA.
21. Levary, R.R. and Madeo, L.A. (1991) ‘Expert system-user integrated adaptive systems’, Expert Systems with Applications, Vol. 3, pp.489–498.
22. Liao, Y. and Vermuti, R. (2002) ‘Using text categorization techniques for intrusion detection’, Eleventh USENIX Security Symposium, August, San Francisco, CA, pp.5–9.
23. Lindqvist, U. and Porras, P.A. (1999) ‘Detecting computer and network misuse through the production-based expert system tool set’, IEEE Symposium on Security and Privacy, May, Berkeley, CA.
24. Marchette, D.J. (2001), Computer Intrusion Detection and Network Monitoring, New York: Springer-Verlag.
25. Paxson, V. and Stamiford, S. (2001) ‘Topics in intrusion detection: Correlation and network-based approaches’, Eighth ACM Conference on Computer and Communications Security, November, Philadephia.
26. Portnoy, L., Eskin, E. and Stolto, S.J. (2001) ‘Intrusion detection with unlabeled data using clustering’, Proceedings of ACM CSS Workshop on Data Mining Applied to Security, November, Philadelphia.
27. Power, R. (1998), ‘CSI roundtable: experts discuss present and future intrusion detection systems’, Computer Security Journal, Vol. XIV, No. 1, pp.1–14.
28. Sommers, R.C. (1996), Secure Computing: Threats and Safeguard, New York: McGraw-Hill.
29. Stottler, Honke Associates, Inc. (2000) ‘ChAD: Change and anomaly detection’, Workshop on Intrusion Detection and Prevention, Seventh ACM Conference on Computer Security, November, Athens, Greece.
30. Zadeh, L. (1965) ‘Fuzzy sets’, Information and Control, Vol. 8, pp.338–353.