
A Data Mining Framework for Adaptive Intrusion Detection (1998) (4 citations)
Wenke Lee, Salvatore J. Stolfo, Kui W. Mok
Proceedings of the 7th USENIX Security Symposium




Abstract: In this paper we describe a data mining framework for constructing intrusion detection models. The key ideas are to mine system audit data for consistent and useful patterns of program and user behavior, and use the set of relevant system features presented in the patterns to compute (inductively learned) classifiers that can recognize anomalies and known intrusions. Our experiments on audit data of system programs and network activities showed that classification models can detect intrusions,...

Context of citations to this paper:

...al. 1997) is a meta learning base distributed data mining framework has been used for fraud detection in the banking domain (Lee, Stolfo, Mok, 1999). Collective data mining (Kargupta, Johnson, Riva Sanseverino, Park, Silvestre, Hershberger, 1998; Kargupta, Park,...

.... system (Stolfo et al. 1997) is a distributed data mining framework used primarily for fraud detection in the banking domain (Lee, Stolfo, Mok, 1999). This system develops patterns of fraudulent activity by mining the individual databases of the various financial...

Cited by:
Intrusion Detection: A Bibliography - Mé, Michel (2001)
Collective Data Mining: A New Perspective Toward.. - Kargupta, Byung-Hoon, al (1999)
Collective Data Mining: A New Perspective Toward Distributed.. - Kargupta, al (1999)

Similar documents (at the sentence level):
48.4%:   Adaptive Intrusion Detection: a Data Mining Approach - Lee, Stolfo, Mok (2000)
17.1%:   Mining Audit Data to Build Intrusion Detection Models - Lee, Stolfo, Mok (1998)
14.0%:   Algorithms For Mining System Audit Data - Lee, Stolfo, Mok (1999)

Active bibliography (related documents):
0.4:   A Data Mining Framework for Building Intrusion Detection Models - Lee, Stolfo, Mok (1999)
0.3:   Information-Theoretic Measures for Anomaly Detection - Lee, Xiang (2001)
0.2:   Data Mining Approaches for Intrusion Detection - Lee, Stolfo (1998)

Similar documents based on text:
0.9:   Using Artificial Anomalies to Detect Unknown and Known.. - Fan, Miller, Stolfo (2001)
0.7:   Fuzzy Frequent Episodes for Real-Time Intrusion Detection - Luo, Bridges, B.Vaughn, Jr. (2001)
0.5:   A Framework For An Adaptive Intrusion Detection System With.. - Hossain, Bridges (2001)

Related documents from co-citation:
6:   IEEE Computer Graphics and Applications - Stollnitz, DeRose et al. - 1995
3:   The preliminary design of papyrus: A system for high performance - Grossman, Bailey et al. - 1998
3:   PADMA: PArallel Data Mining Agents for scalable text classification - Kargupta, Hamzaoglu et al. - 1996

BibTeX entry:

Lee, W., Stolfo, S., & Mok, K. (1999). A data mining framework for adaptive intrusion detection. To appear in the Proceedings of the 1999 IEEE Symposium on Security and Privacy, IEEE Computer Society Press. http://citeseer.ist.psu.edu/article/lee98data.html

@inproceedings{ lee98data,
    author = "Wenke Lee and Salvatore Stolfo",
    title = "Data mining approaches for intrusion detection",
    booktitle = "Proceedings of the 7th {USENIX} Security Symposium",
    address = "San Antonio, TX",
    year = "1998",
    url = "citeseer.ist.psu.edu/article/lee98data.html" }
Citations (may not include all citations):
921   Mining association rules between sets of items in large data.. - Agrawal, Imielinski et al. - 1993
910   Fast algorithms for mining association rules - Agrawal, Srikant - 1994
248   Fast effective rule induction - Cohen - 1995
213   Discovery of multiple-level association rules from large dat.. - Han, Fu - 1995
189   Discovering frequent episodes in sequences - Mannila, Toivonen et al. - 1995
142   A sense of self for unix processes - Forrest, Hofmeyr et al. - 1996
137   Finding interesting rules from large sets of discovered asso.. - Klemettinen, Mannila et al. - 1994
121   Mining association rules with item constraints - Srikant, Vu et al. - 1997
105   State transition analysis: A rule-based intrusion detection .. - Ilgun, Kemmerer et al. - 1995
86   JAM: Java agents for meta-learning over distributed database.. - Stolfo, Prodromidis et al. - 1997
85   Discovering generalized episodes using minimal occurrences - Mannila, Toivonen - 1996
84   Data mining approaches for intrusion detection - Lee, Stolfo - 1998
78   Security problems in the tcp/ip protocol suite - Bellovin - 1989
59   Toward parallel and distributed learning by meta-learning - Chan, Stolfo - 1993
58   available via anonymous ftp to ftp - Jacobson, Leres et al. - 1989
57   Decision tree induction based on efficient tree restructurin.. - Utgoff, Berkman et al. - 1997
56   Clustering association rules - Lent, Swami et al. - 1997
56   A real-time intrusion detection expert system - Lunt, Tamaru et al. - 1992
35   Mining audit data to build intrusion detection models - Lee, Stolfo et al. - 1998
32   A software architecture to support misuse intrusion detectio.. - Kumar, Spafford - 1995
30   The architecture of a network level intrusion detection syst.. - Heady, Luger et al. - 1990
25   Sequence matching and learning in anomaly detection for comp.. - Lane, Brodley - 1997
23   Detecting intruders in computer systems - Lunt - 1993
21   Data Mining and Knowledge Discovery - Fawcett, Provost et al. - 1997
6   SunSHIELD Basic Security Module Guide - Mountain, CA
4   Test Center Comparison: Network intrusion-detection solution.. - McClure, Scambray et al. - 1998
4   Unix system security - Grampp, Morris - 1984

Documents on the same site (http://www.cs.columbia.edu/~sal/JAM/PROJECT/recent-project-papers.html):
A Comparative Evaluation of Voting and Meta-learning on.. - Chan, Stolfo (1995)
Learning with Non-uniform Class and Cost Distributions: Effects.. - Chan, al. (1998)
Learning Patterns from Unix Process Execution Traces for.. - Lee, Stolfo (1997)
