Volume 6503 LNCS, Issue , 2010, Pages 201-215

Abstracting audit data for lightweight intrusion detection

Author keywords

[No Author keywords available]

Indexed keywords

AFFINITY PROPAGATION; ANOMALY INTRUSION DETECTION; AUDIT DATA; DATA ABSTRACTION; DETECTION EFFICIENCY; DETECTION MODELS; DETECTION PERFORMANCE; HIGH SPEED; HTTP TRAFFIC; K-MEANS; POTENTIAL SOLUTIONS; REAL TIME PERFORMANCE; TEST RESULTS;

EID: 78650860002     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/978-3-642-17714-9_15     Document Type: Conference Paper
Times cited : (6)

References (34)
  • 2
    • 78650876301
    • A data mining framework for building intrusion detection models
    • Lee, W., Stolfo, S.J., Mok, K.W.: A data mining framework for building intrusion detection models. In: IEEE S&P (1999)
    • (1999) IEEE S&P
    • Lee, W.1    Stolfo, S.J.2    Mok, K.W.3
  • 3
    • 35048885009
    • Anomalous payload-based network intrusion detection
    • Jonsson, E., Valdes, A., Almgren, M. (eds.) RAID 2004. Springer, Heidelberg
    • Wang, K., Stolfo, S.J.: Anomalous payload-based network intrusion detection. In: Jonsson, E., Valdes, A., Almgren, M. (eds.) RAID 2004. LNCS, vol. 3224, pp. 203-222. Springer, Heidelberg (2004)
    • (2004) LNCS , vol.3224 , pp. 203-222
    • Wang, K.1    Stolfo, S.J.2
  • 4
    • 33745641552
    • Anomalous payload-based worm detection and signature generation
    • Valdes, A., Zamboni, D. (eds.) RAID 2005. Springer, Heidelberg
    • Wang, K., Cretu, G.F., Stolfo, S.J.: Anomalous payload-based worm detection and signature generation. In: Valdes, A., Zamboni, D. (eds.) RAID 2005. LNCS, vol. 3858, pp. 227-246. Springer, Heidelberg (2006)
    • (2006) LNCS , vol.3858 , pp. 227-246
    • Wang, K.1    Cretu, G.F.2    Stolfo, S.J.3
  • 6
    • 55949124178
    • Fast intrusion detection based on a non-negative matrix factorization model
    • Guan, X., Wang, W., Zhang, X.: Fast intrusion detection based on a non-negative matrix factorization model. J. Network and Computer Applications 32(1), 31-44 (2009)
    • (2009) J. Network and Computer Applications , vol.32 , Issue.1 , pp. 31-44
    • Guan, X.1    Wang, W.2    Zhang, X.3
  • 7
    • 33750333036
    • Profiling program behavior for anomaly intrusion detection based on the transition and frequency property of computer audit data
    • Wang, W., Guan, X., Zhang, X., Yang, L.: Profiling program behavior for anomaly intrusion detection based on the transition and frequency property of computer audit data. Computers & Security 25(7), 539-550 (2006)
    • (2006) Computers & Security , vol.25 , Issue.7 , pp. 539-550
    • Wang, W.1    Guan, X.2    Zhang, X.3    Yang, L.4
  • 9
    • 0034325396
    • Detecting masquerades in intrusion detection based on unpopular commands
    • Schonlau, M., Theus, M.: Detecting masquerades in intrusion detection based on unpopular commands. Inf. Process. Lett. 76(1-2) (2000)
    • (2000) Inf. Process. Lett. , vol.76 , Issue.1-2
    • Schonlau, M.1    Theus, M.2
  • 10
    • 37049002837
    • Processing of massive audit data streams for real-time anomaly intrusion detection
    • Wang, W., Guan, X., Zhang, X.: Processing of massive audit data streams for real-time anomaly intrusion detection. Computer Communications 31(1), 58-72 (2008)
    • (2008) Computer Communications , vol.31 , Issue.1 , pp. 58-72
    • Wang, W.1    Guan, X.2    Zhang, X.3
  • 11
    • 38149142569
    • Comparing anomaly detection techniques for http
    • Kruegel, C., Lippmann, R., Clark, A. (eds.) RAID 2007. Springer, Heidelberg
    • Ingham, K.L., Inoue, H.: Comparing anomaly detection techniques for http. In: Kruegel, C., Lippmann, R., Clark, A. (eds.) RAID 2007. LNCS, vol. 4637, pp. 42-62. Springer, Heidelberg (2007)
    • (2007) LNCS , vol.4637 , pp. 42-62
    • Ingham, K.L.1    Inoue, H.2
  • 12
    • 14844319067
    • Anomaly detection of web-based attacks
    • Krügel, C., Vigna, G.: Anomaly detection of web-based attacks. In: ACM CCS (2003)
    • (2003) ACM CCS
    • Krügel, C.1    Vigna, G.2
  • 13
    • 85180633963
    • Spectrogram: A mixture-of-markov-chains model for anomaly detection in web traffic
    • Song, Y., Keromytis, A.D., Stolfo, S.J.: Spectrogram: A mixture-of-markov-chains model for anomaly detection in web traffic. In: NDSS (2009)
    • (2009) NDSS
    • Song, Y.1    Keromytis, A.D.2    Stolfo, S.J.3
  • 14
    • 36849087003
    • Using generalization and characterization techniques in the anomaly-based detection of web attacks
    • Robertson, W.K., Vigna, G., Krügel, C., Kemmerer, R.A.: Using generalization and characterization techniques in the anomaly-based detection of web attacks. In: NDSS
    • NDSS
    • Robertson, W.K.1    Vigna, G.2    Krügel, C.3    Kemmerer, R.A.4
  • 15
    • 77953294708
    • A signal-processing view on packet sampling and anomaly detection
    • Brauckhoff, D., Salamatian, K., May, M.: A signal-processing view on packet sampling and anomaly detection. In: INFOCOM (2010)
    • (2010) INFOCOM
    • Brauckhoff, D.1    Salamatian, K.2    May, M.3
  • 17
    • 33847172327
    • Clustering by passing messages between data points
    • Frey, B.J., Dueck, D.: Clustering by passing messages between data points. Science 315(5814), 972-976 (2007)
    • (2007) Science , vol.315 , Issue.5814 , pp. 972-976
    • Frey, B.J.1    Dueck, D.2
  • 19
    • 0023294428
    • An intrusion-detection model
    • Denning, D.E.: An intrusion-detection model. IEEE Trans. Software Eng. 13(2), 222-232 (1987)
    • (1987) IEEE Trans. Software Eng. , vol.13 , Issue.2 , pp. 222-232
    • Denning, D.E.1
  • 22
    • 78650924299
    • retrieved March 2009
    • KDD-Data: Kdd cup 1999 data (1999), http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html (retrieved March 2009)
    • (1999) KDD-Data: Kdd Cup 1999 Data
  • 25
    • 51849104745
    • Towards fast detecting intrusions: Using key attributes of network traffic
    • July
    • Wang, W., Gombault, S., Guyet, T.: Towards fast detecting intrusions: using key attributes of network traffic. In: ICIMP (July 2008)
    • (2008) ICIMP
    • Wang, W.1    Gombault, S.2    Guyet, T.3
  • 27
    • 71749108310
    • Constructing attribute weights from computer audit data for effective intrusion detection
    • Wang, W., Zhang, X., Gombault, S.: Constructing attribute weights from computer audit data for effective intrusion detection. J. Sys. and Soft. 82(12) (2009)
    • (2009) J. Sys. and Soft. , vol.82 , Issue.12
    • Wang, W.1    Zhang, X.2    Gombault, S.3
  • 32
    • 56049108623
    • Data streaming with affinity propagation
    • Daelemans, W., Goethals, B., Morik, K. (eds.) ECML PKDD 2008, Part II. Springer, Heidelberg
    • Zhang, X., Furtlehner, C., Sebag, M.: Data streaming with affinity propagation. In: Daelemans, W., Goethals, B., Morik, K. (eds.) ECML PKDD 2008, Part II. LNCS (LNAI), vol. 5212, pp. 628-643. Springer, Heidelberg (2008)
    • (2008) LNCS (LNAI) , vol.5212 , pp. 628-643
    • Zhang, X.1    Furtlehner, C.2    Sebag, M.3
  • 33
    • 85019691440
    • Testing intrusion detection systems: A critique of the 1998 and 1999 darpa intrusion detection system evaluations as performed by lincoln laboratory
    • McHugh, J.: Testing intrusion detection systems: a critique of the 1998 and 1999 darpa intrusion detection system evaluations as performed by lincoln laboratory. ACM Trans. Inf. Syst. Secur. 3(4), 262-294 (2000)
    • (2000) ACM Trans. Inf. Syst. Secur. , vol.3 , Issue.4 , pp. 262-294
    • McHugh, J.1


* This information was analyzed and extracted by KISTI from Elsevier's SCOPUS database.