
Event Recognition Beyond Signature and Anomaly (2001)  (2 citations)
Jon Doyle, Isaac Kohane, William Long, Howard Shrobe, Peter Szolovits



View or download:
mit.edu/projects/maita/do...events01.ps
mit.edu/medg/ftp/doyle/events01.ps

From:  mit.edu/projects/maita/

Abstract: Notions of signature and anomaly have formed the basis of useful methods in cyber defense, but even in combination provide only weak evidence for recognizing many events of interest. One can recognize many important events without requiring signatures of specific ways the events can take place and without treating every anomalous behavior as an event. We describe an approach to event recognition that subsumes and extends signature and anomaly methods by starting from a richer language for...

Context of citations to this paper:

...approach to event recognition that goes beyond the capabilities standard signature and anomaly methods and their direct combinations. See [5] for an extended discussion. 8.2. Alerting models The library of alerting models incorporates both extant procedures for making alerting...

Cited by:
Andrei Sabelfeld (Editor) - Turku Centre Computer
Agile Monitoring for Cyber Defense - Doyle, Kohane, Long, Shrobe.. (2001)

Similar documents (at the sentence level):
79.0%:   Event Recognition Beyond Signature and Anomaly - Doyle, Kohane, Long, Shrobe.. (2001)
13.3%:   On Widening the Scope of Attack Recognition Languages - Doyle, Shrobe, Szolovits (2000)

Active bibliography (related documents):
0.6:   Intrusion Detection: A Bibliography - Mé, Michel (2001)
0.5:   Adaptive Knowledge-Based Monitoring for Information.. - Doyle, Kohane, Long..
0.5:   Active Trust Management for Autonomous Adaptive Survivable .. - Shrobe, Doyle, Szolovits (2000)

Similar documents based on text:
0.3:   Guardian Angel: Patient-Centered Health Information.. - Szolovits, Doyle.. (1994)
0.2:   Fault Analysis Using Petri Nets - Sacha (2001)
0.2:   The Architecture of MAITA - A Tool For Monitoring.. - Doyle, Kohane, Long, .. (1999)

Related documents from co-citation:
2:   . Kohane, I. S. Temporal reasoning in medical expert systems. In R. Salamon, B. Blum, and M. Jorgensen, editors, MEDINFO 86: Proceedings of the Fifth Conference on Medical Informatics, pages 170-174, Washington, October 1986. North-Holland.

BibTeX entry:

J. Doyle, I. Kohane, W. Long, H. Shrobe, and P. Szolovits. Event recognition beyond signature and anomaly. In Proceedings of the Second IEEE SMC Information Assurance Workshop. IEEE, IEEE Computer Society, June 2001. http://citeseer.ist.psu.edu/article/doyle01event.html

@misc{ doyle01event,
  author = "J. Doyle and I. Kohane and W. Long and H. Shrobe and P. Szolovits",
  title = "Event recognition beyond signature and anomaly",
  text = "J. Doyle, I. Kohane, W. Long, H. Shrobe, and P. Szolovits. Event recognition
    beyond signature and anomaly. In Proceedings of the Second IEEE SMC Information
    Assurance Workshop. IEEE, IEEE Computer Society, June 2001.",
  year = "2001",
  url = "citeseer.ist.psu.edu/article/doyle01event.html" }
Citations (may not include all citations):
1044   Maintaining knowledge about temporal intervals - Allen - 1983
140   CYC: a large-scale investment in knowledge infrastructure - Lenat - 1995
132   Emerald: Event monitoring enabling responses to anomalous li.. - Porras, Neumann - 1997
39   Detecting computer and network misuse through the production.. - Lindqvist, Porras - 1999
32   STATL: An attack language for state-based intrusion detectio.. - Eckmann, Vigna et al. - 2000
26   Temporal reasoning in medical expert systems - Kohane - 1987
26   Temporal reasoning in medical expert systems - Kohane - 1986
23   Automated trend detection with alternate temporal hypotheses - Haimowitz, Kohane - 1993
7   Encoding patterns of growth to automate detection and diagno.. - Kohane, Haimowitz - 1993
5   Knowledge-based data display using TrenDx - Fackler, Haimowitz et al. - 1994
4   Some representational limitations of the common intrusion sp.. - Doyle - 1999
3   Agile monitoring for cyber defense - Doyle, Kohane et al. - 2001
2   A common intrusion specification language - Feiertag, Kahn et al. - 2000
1   in Symposium on Computer Applications in Medical Care - Kohane, Haimowitz et al. - 1993
1   An epistemology for clinically significant trends - Haimowitz, Kohane - 1993

Documents on the same site (http://www.medg.lcs.mit.edu/projects/maita/):
Active Trust Management for Autonomous Adaptive Survivable .. - Shrobe, Doyle, Szolovits (2000)
