Automated discovery of concise predictive rules for intrusion detection
نویسندگان
چکیده
This paper details an essential component of a multi-agent distributed knowledge network system for intrusion detection. We describe a distributed intrusion detection architecture, complete with a data warehouse and mobile and static agents for distributed problem-solving to facilitate building, monitoring, and analyzing global, spatio-temporal views of intrusions on large distributed systems. An agent for the intrusion detection system, which uses a machine learning approach to automated discovery of concise rules from system call traces, is described.
منابع مشابه
Combining Knowledge Discovery and Knowledge Engineering to Build IDSs
We have been developing a data mining (i.e., knowledge discovery) framework, MADAM ID, for Mining Audit Data for Automated Models for Intrusion Detection [LSM98, LSM99b, LSM99a]. The 1998 DARPA Intrusion Detection Evaluation showed that the models produced by MADAM ID performed comparably well with the best purely knowledge-engineered systems. Although our data mining techniques have shown grea...
متن کاملSurvey on Perception of People Regarding Utilization of Computer Science & Information Technology in Manipulation of Big Data, Disease Detection & Drug Discovery
this research explores the manipulation of biomedical big data and diseases detection using automated computing mechanisms. As efficient and cost effective way to discover disease and drug is important for a society so computer aided automated system is a must. This paper aims to understand the importance of computer aided automated system among the people. The analysis result from collected da...
متن کاملA hybridization of evolutionary fuzzy systems and ant Colony optimization for intrusion detection
A hybrid approach for intrusion detection in computer networks is presented in this paper. The proposed approach combines an evolutionary-based fuzzy system with an Ant Colony Optimization procedure to generate high-quality fuzzy-classification rules. We applied our hybrid learning approach to network security and validated it using the DARPA KDD-Cup99 benchmark data set. The results indicate t...
متن کاملRule Based Classifier Models For Intrusion Detection System
One key feature of intrusion detection systems is their ability to provide a view of unusual activity and issue alerts notifying administrators and/or block a suspected connection. Intrusion detection is a process of identifying and responding to malicious activity targeted at computing and networking resources. Over the past decade, the field of IDS has been driven into overdrive by the explos...
متن کاملEntropy Based Fuzzy Rule Weighting for Hierarchical Intrusion Detection
Predicting different behaviors in computer networks is the subject of many data mining researches. Providing a balanced Intrusion Detection System (IDS) that directly addresses the trade-off between the ability to detect new attack types and providing low false detection rate is a fundamental challenge. Many of the proposed methods perform well in one of the two aspects, and concentrate on a su...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- Journal of Systems and Software
دوره 60 شماره
صفحات -
تاریخ انتشار 2002