
A Data Mining Framework for Building Intrusion Detection Models (1999)  (70 citations)
Wenke Lee, Salvatore J. Stolfo, Kui W. Mok
IEEE Symposium on Security and Privacy




Abstract: There is often the need to update an installed Intrusion Detection System (IDS) due to new attack methods or upgraded computing environments. Since many current IDSs are constructed by manual encoding of expert security knowledge, changes to IDSs are expensive and slow. In this paper, we describe a data mining framework for adaptively building Intrusion Detection (ID) models. The central idea is to utilize auditing programs to extract an extensive set of features that describe each network...

Cited by:
E. Cantú-Paz et al. (Eds.): GECCO 2003, LNCS 2724.. - Springer-Verlag..
Logics for Authorizations and Security - Piero Bonatti And (2003)
A Multiagent Approach to Outbound Intrusion Detection - Mandujano (2004)

Similar documents (at the sentence level):
41.2%:   A Data Mining Framework for Building Intrusion Detection Models - Lee, Stolfo, Mok (1999)
24.4%:   A Framework for Constructing Features and Models for Intrusion.. - Lee, Stolfo (2000)
10.2%:   A Data Mining Framework for Constructing Features and Models for.. - Lee (1999)

Active bibliography (related documents):
0.4:   A Data Mining Framework for Adaptive Intrusion Detection - Lee, Stolfo, Mok (1998)
0.3:   Information-Theoretic Measures for Anomaly Detection - Lee, Xiang (2001)
0.3:   A Data Mining and CIDF Based Approach for.. - Lee, Nimbalkar.. (2000)

Similar documents based on text:
0.9:   Using Artificial Anomalies to Detect Unknown and Known.. - Fan, Miller, Stolfo (2001)
0.5:   Algorithms For Mining System Audit Data - Lee, Stolfo, Mok (1999)
0.4:   Profiling UNIX Users And Processes Based on Rarity of Occurrence .. - Ju, Vardi (2001)

Related documents from co-citation:
17:   Data mining approaches for intrusion detection - Lee, Stolfo - 1998
17:   Bro: A System for Detecting Network Intruders in Real-Time - Paxson - 1998
15:   A sense of self for unix processes - Forrest, Hofmeyr et al. - 1996

BibTeX entry:

W. Lee, S. J. Stolfo, and K. W. Mok. A data mining framework for building intrusion detection models. In Proceedings of the 1999 IEEE Symposium on Security and Privacy, May 1999. http://citeseer.ist.psu.edu/article/lee99data.html

@inproceedings{ lee99data,
    author = "Wenke Lee and Salvatore J. Stolfo and Kui W. Mok",
    title = "A Data Mining Framework for Building Intrusion Detection Models",
    booktitle = "{IEEE} Symposium on Security and Privacy",
    pages = "120--132",
    year = "1999",
    url = "citeseer.ist.psu.edu/article/lee99data.html" }
Citations (may not include all citations):
921   Mining association rules between sets of items in large data.. - Agrawal, Imielinski et al. - 1993
248   Fast effective rule induction - Cohen - 1995
189   Discovering frequent episodes in sequences - Mannila, Toivonen et al. - 1995
132   Emerald: Event monitoring enabling responses to anomalous li.. - Porras, Neumann - 1997
121   Network intrusion detection - Mukherjee, Heberlein et al. - 1994
106   The KDD process of extracting useful knowledge from volumes .. - Fayyad, Piatetsky-Shapiro et al. - 1996
105   State transition analysis: A rule-based intrusion detection .. - Ilgun, Kemmerer et al. - 1995
85   Discovering generalized episodes using minimal occurrences - Mannila, Toivonen - 1996
84   Data mining approaches for intrusion detection - Lee, Stolfo - 1998
65   Bro: A system for detecting network intruders in real-time - Paxson - 1998
59   Toward parallel and distributed learning by meta-learning - Chan, Stolfo - 1993
58   available via anonymous ftp to ftp - Jacobson, Leres et al. - 1989
56   A real-time intrusion detection expert system - Lunt, Tamaru et al. - 1992
52   Automated detection of vulnerabilities in privileged program.. - Ko, Fink et al. - 1994
35   Mining audit data to build intrusion detection models - Lee, Stolfo et al. - 1998
32   A software architecture to support misuse intrusion detectio.. - Kumar, Spafford - 1995
25   Sequence matching and learning in anomaly detection for comp.. - Lane, Brodley - 1997
23   Detecting intruders in computer systems - Lunt - 1993
15   Network flight recorder - Flight - 1997
8   Common intrusion detection framework - Staniford-Chen
6   SunSHIELD Basic Security Module Guide - Mountain, CA
1   Mining sequential patterns: Techniques - Lee, Mok et al. - 1998





Documents on the same site (http://www.cs.columbia.edu/~sal/JAM/PROJECT/recent-project-papers.html):
A Comparative Evaluation of Voting and Meta-learning on.. - Chan, Stolfo (1995)
Learning with Non-uniform Class and Cost Distributions: Effects.. - Chan, al. (1998)
Learning Patterns from Unix Process Execution Traces for.. - Lee, Stolfo (1997)
