A Data Mining Framework for Building Intrusion Detection Models (1999)  (32 citations)
Wenke Lee, Salvatore J. Stolfo, Kui W. Mok
IEEE Symposium on Security and Privacy

Abstract: There is often the need to update an installed Intrusion Detection System (IDS) due to new attack methods or upgraded computing environments. Since many current IDSs are constructed by manual encoding of expert security knowledge, changes to IDSs are expensive and slow. In this paper, we describe a data mining framework for adaptively building Intrusion Detection (ID) models. The central idea is to utilize auditing programs to extract an extensive set of features that describe each network...

Context of citations to this paper:

.... other related work, such as various anomaly detection models (e.g. NIDES STAT [20] HAYSTACK [46] data mining approaches (e.g. JAM [30], ADAM [4] various tracing techniques (e.g. DECIDUOUS [6; 7] thumbprinting [51] and embedded...

.... could be applied to use various sets of rules in concordance with each other, or through the means of meta classifiers as described in [5]. Meta classifiers are systems that use several sets of individual classifiers and then learn rules that interpret the set of individual...

Cited by:
Mimicry Attacks on Host-Based Intrusion Detection Systems - David Wagner
Enhancing Profiles for Anomaly Detection Using Time.. - Li, Wu, Jajodia, Wang (2000)
Intelligent Database by Neural Network and Data Mining - Chua Boon Lay

Similar documents (at the sentence level):
41.2%:   A Data Mining Framework for Building Intrusion Detection Models - Lee, Stolfo, Mok (1999)
24.4%:   A Framework for Constructing Features and Models for Intrusion.. - Lee, Stolfo (2000)
10.2%:   A Data Mining Framework for Constructing Features and Models for.. - Lee (1999)

Active bibliography (related documents):
0.5:   A Data Mining Framework for Adaptive Intrusion Detection - Lee, Stolfo, Mok (1998)
0.3:   Information-Theoretic Measures for Anomaly Detection - Lee, Xiang (2001)
0.3:   A Data Mining and CIDF Based Approach for Detecting Novel and .. - Wenke Lee Rahul (2000)

Similar documents based on text:
0.5:   Algorithms For Mining System Audit Data - Lee, Stolfo, Mok (1999)
0.4:   Mining in a Data-flow Environment: Experience in Network.. - Lee, Stolfo, Mok (1999)
0.4:   Adaptive Intrusion Detection: a Data Mining Approach - Lee, Stolfo, Mok (2000)

Related documents from co-citation:
10:   Fast effective rule induction - Cohen - 1995
9:   Network Flight Recorder - Recorder - 1997
8:   State Transition Analysis: A Rule-Based Intrusion Detection System - Ilgun, Kemmerer et al. - 1995

BibTeX entry:

W. Lee, S. J. Stolfo, and K. W. Mok. A data mining framework for building intrusion detection models. In Proceedings of the 1999 IEEE Symposium on Security and Privacy, May 1999. http://citeseer.nj.nec.com/article/lee99data.html

@inproceedings{ lee99data,
    author = "Wenke Lee and Salvatore J. Stolfo and Kui W. Mok",
    title = "A Data Mining Framework for Building Intrusion Detection Models",
    booktitle = "{IEEE} Symposium on Security and Privacy",
    pages = "120-132",
    year = "1999",
    url = "citeseer.nj.nec.com/article/lee99data.html" }

Citations (may not include all citations):
602   Mining association rules between sets of items in large data.. - Agrawal, Imielinski et al. - 1993
198   Fast effective rule induction - Cohen - 1995
120   Discovering frequent episodes in sequences - Mannila, Toivonen et al. - 1995
87   Network intrusion detection - Mukherjee, Heberlein et al. - 1994
79   The KDD process of extracting useful knowledge from volumes .. - Fayyad, Piatetsky-Shapiro et al. - 1996
73   Emerald: Event monitoring enabling responses to anomalous li.. - Porras, Neumann - 1997
65   State transition analysis: A rule-based intrusion detection .. - Ilgun, Kemmerer et al. - 1995
64   Discovering generalized episodes using minimal occurrences - Mannila, Toivonen - 1996
53   Toward parallel and distributed learning by meta-learning - Chan, Stolfo - 1993
47   available via anonymous ftp to ftp - Jacobson, Leres et al. - 1989
47   A real-time intrusion detection expert system - Lunt, Tamaru et al. - 1992
41   Data mining approaches for intrusion detection - Lee, Stolfo - 1998
34   Automated detection of vulnerabilities in privileged program.. - Ko, Fink et al. - 1994
28   A software architecture to support misuse intrusion detectio.. - Kumar, Spafford - 1995
23   Mining audit data to build intrusion detection models - Lee, Stolfo et al. - 1998
17   Detecting intruders in computer systems - Lunt - 1993
17   Sequence matching and learning in anomaly detection for comp.. - Lane, Brodley - 1997
16   Bro: A system for detecting network intruders in real-time - Paxson - 1998
14   Network flight recorder - Flight - 1997
6   Common intrusion detection framework - Staniford-Chen
5   SunSHIELD Basic Security Module Guide - Mountain, CA
1   Mining sequential patterns: Techniques - Lee, Mok et al. - 1998



Documents on the same site (http://www.cs.columbia.edu/~sal/JAM/PROJECT/recent-project-papers.html):
A Comparative Evaluation of Voting and Meta-learning on.. - Philip Chan (1995)
Learning with Non-uniform Class and Cost Distributions: Effects.. - Chan, al.
Learning Patterns from Unix Process Execution Traces for.. - Wenke Lee (1997)
