Abstract: This paper describes a novel framework, MADAM ID, for Mining Audit Data for Automated Models for Intrusion Detection. This framework uses data mining algorithms to compute activity patterns from system audit data and extracts predictive features from the patterns. It then applies machine learning algorithms to the audit records that are processed according to the feature definitions to generate intrusion detection rules. Results from the 1998 DARPA Intrusion Detection Evaluation showed that our ...
Cited by:
Fuzzy ROC Curves for Unsupervised - Nonparametric Ensemble Techniques
Fuzzy Roc Curves For The 1 Class Svm: - Application To Intrusion
Network Intrusion Detection using Random Forests - Jiong Zhang And (2005)
Similar documents (at the sentence level):
28.7%: A Data Mining Framework for Constructing Features and Models for.. - Lee (1999)
12.2%: A Data Mining Framework for Building Intrusion Detection Models - Lee, Stolfo, Mok (1999)
Active bibliography (related documents):
0.3: Intrusion Detection: A Bibliography - Mé, Michel (2001)
0.2: Information-Theoretic Measures for Anomaly Detection - Lee, Xiang (2001)
0.2: Adaptive Intrusion Detection: a Data Mining Approach - Lee, Stolfo, Mok (2000)
Similar documents based on text:
1.0: Using Artificial Anomalies to Detect Unknown and Known.. - Fan, Miller, Stolfo (2001)
0.5: Correlating Alerts Using Prerequisites of Intrusions - Ning, Reeves, Cui (2001)
0.4: A Framework For An Adaptive Intrusion Detection System With.. - Hossain, Bridges (2001)
Related documents from co-citation:
7: Temporal sequence learning and data reduction for anomaly detection - Lane, Brodley - 1998
6: Bro: A System for Detecting Network Intruders in Real-Time - Paxson - 1998
6: The SRI IDES Statistical Anomaly Detector - Javitz, Valdes - 1991
BibTeX entry:
Lee, W. and Stolfo, S. J., "A Framework for Constructing Features and Models for Intrusion Detection Systems," ACM Transactions on Information and System Security, vol. 3, November, 2000 http://citeseer.ist.psu.edu/article/lee00framework.html
@article{ lee00framework,
author = "Wenke Lee and Salvatore J. Stolfo",
title = "A framework for constructing features and models for intrusion detection systems",
journal = "Information and System Security",
volume = "3",
number = "4",
pages = "227--261",
year = "2000",
url = "citeseer.ist.psu.edu/article/lee00framework.html" }
Citations (may not include all citations):
976: Machine Learning - Mitchell - 1997
921: Mining association rules between sets of items in large data.. - Agrawal, Imielinski et al. - 1993
248: Fast effective rule induction - Cohen - 1995
189: Discovering frequent episodes in sequences - Mannila, Toivonen et al. - 1995
142: A sense of self for Unix processes - Forrest, Hofmeyr et al. - 1996
132: EMERALD: Event monitoring enabling responses to anomalous li.. - Porras, Neumann - 1997
123: Bro: A system for detecting network intruders in real-time - Paxson - 1998
121: Network intrusion detection - Mukherjee, Heberlein et al. - 1994
106: The KDD process of extracting useful knowledge from volumes .. - Fayyad, Piatetsky-Shapiro et al. - 1996
105: State transition analysis: A rule-based intrusion detection a.. - Ilgun, Kemmerer et al. - 1995
86: JAM: Java agents for meta-learning over distributed database.. - Stolfo, Prodromidis et al. - 1997
85: Discovering generalized episodes using minimal occurrences - Mannila, Toivonen - 1996
84: Data mining approaches for intrusion detection - Lee, Stolfo - 1998
63: Next-generation intrusion detection expert system - Anderson, Frivold et al. - 1995
59: Toward parallel and distributed learning by metalearning - Chan, Stolfo - 1993
59: USTAT: A real-time intrusion detection system for Unix - Ilgun - 1992
58: available via anonymous ftp to ftp - Jacobson, Leres et al. - 1989
56: A real-time intrusion detection expert system - Lunt, Tamaru et al. - 1992
52: Automated detection of vulnerabilities in privileged program.. - Ko, Fink et al. - 1994
40: Temporal sequence learning and data reduction for anomaly de.. - Lane, Brodley - 1999
35: State of the practice of intrusion detection technologies - Allen, Christie et al. - 2000
32: A software architecture to support misuse intrusion detectio.. - Kumar, Spafford - 1995
27: A study in using neural networks for anomaly and misuse dete.. - Ghosh, Schwartzbard - 1999
23: Detecting intruders in computer systems - Lunt - 1993
19: Mining in a data-flow environment: Experience in network int.. - Lee, Stolfo et al. - 1999
17: A Data Mining Framework for Constructing Features and Models.. - Lee - 1999
15: Network flight recorder - Recorder - 1997
1: A data mining framework for building intrusion detection mod.. - for, Features et al. - 1999
Documents on the same site (http://www.csc.ncsu.edu/faculty/lee/publications.html):
Learning Patterns from Unix Process Execution Traces for.. - Lee, Stolfo (1997)
Interfacing Oz with the PCTE OMS: A Case Study of Integrating a .. - Lee, Kaiser
Mining Audit Data to Build Intrusion Detection Models - Lee, Stolfo, Mok (1998)