Detecting Intrusions Using System Calls: Alternative Data Models (1999)  (60 citations)
Christina Warrender, Stephanie Forrest, Barak Pearlmutter
IEEE Symposium on Security and Privacy



From: unm.edu/~immsec/papers

Abstract: Intrusion detection systems rely on a wide variety of observable data to distinguish between legitimate and illegitimate activities. In this paper we study one such observable: sequences of system calls into the kernel of an operating system. Using system-call data sets generated by several different programs, we compare the ability of different data modeling methods to represent normal behavior accurately and to recognize intrusions. We compare the following methods: Simple enumeration of...

Cited by:
A Geometric Framework for Unsupervised Anomaly - Detection Detecting Intrusions
A Comprehensive Approach to Intrusion Detection Alert.. - Valeur, Vigna.. (2004)
Using Alert Verification to Identify Successful Intrusion.. - Kruegel, Robertson, Vigna

Similar documents (at the sentence level):
55.3%:   Detecting Intrusions Using System Calls: Alternative.. - Warrender, Forrest.. (1998)

Active bibliography (related documents):
0.1:   Interactive Security Assistance for End-User Supervision of.. - Rasmusson (1996)
0.1:   Computer Immunology - Forrest, Hofmeyr, Somayaji (1996)
0.1:   Intrusion Detection using Sequences of System Calls - Hofmeyr, Forrest, Somayaji (1998)

Similar documents based on text:
0.2:   Revisiting LISYS: Parameters and Normal Behavior - Balthrop, Forrest, Glickman (2002)
0.2:   Learning Patterns from Unix Process Execution Traces for.. - Lee, Stolfo (1997)
0.2:   A Sense of Self for Unix Processes - Forrest, Hofmeyr, Somayaji.. (1996)

Related documents from co-citation:
32:   A sense of self for unix processes - Forrest, Hofmeyr et al. - 1996
22:   IEEE Transactions on Software Engineering - Denning, Past - 1980
21:   The NIDES statistical component description and justification - Javitz, Valdes - 1994

BibTeX entry:

Warrender, Christina, Stephanie Forrest, and Barak Pearlmutter. Detecting Intrusions Using System Calls: Alternative Data Models. To appear, 1999 IEEE Symposium on Security and Privacy. 1999. http://citeseer.ist.psu.edu/warrender99detecting.html

@inproceedings{ warrender99detecting,
    author = "Christina Warrender and Stephanie Forrest and Barak A. Pearlmutter",
    title = "Detecting Intrusions using System Calls: Alternative Data Models",
    booktitle = "{IEEE} Symposium on Security and Privacy",
    location = "Oakland, CA",
    pages = "133-145",
    year = "1999",
    url = "citeseer.ist.psu.edu/warrender99detecting.html" }
Citations (may not include all citations):
1362   A tutorial on Hidden Markov Models and selected applications.. - Rabiner - 1989
362   An introduction to Hidden Markov Models - Rabiner, Juang - 1986
248   Fast effective rule induction - Cohen - 1995
142   A sense of self for UNIX processes - Forrest, Hofmeyr et al. - 1996
84   Data mining approaches for intrusion detection - Lee, Stolfo - 1998
63   Intrusion detection using sequences of system calls - Hofmeyr, Forrest et al. - 1998
62   The NIDES statistical component: Description and justificati.. - Javitz, Valdes - 1993
51   Learning stochastic regular grammars by means of a state mer.. - Carrasco, Oncina - 1994
43   The power of amnesia: Learning probabilistic automata with v.. - Ron, Singer et al. - 1996
31   Gauging similarity with n-grams: Language-independent categor.. - Damashek - 1995
28   Intelligent agents for intrusion detection - Helmer, Wong et al. - 1998
25   Learning patterns from UNIX process execution traces for int.. - Lee, Stolfo et al. - 1997
7   personal communication - Lee - 1998
6   Automated detection of vulnerabilities in privileged progra.. - Ko, Fink et al. - 1994
2   A statistically based system for prioritizing information ex.. - Helman, Bhangoo - 1997
2   A shape of self for UNIX processes - Kosoresow, Hofmeyr - 1997



Documents on the same site (http://www.cs.unm.edu/~immsec/papers.htm):
Principles of a Computer Immune System - Somayaji (1997)
Computer Immunology - Forrest, Hofmeyr, Somayaji (1996)
Intrusion Detection using Sequences of System Calls - Hofmeyr, Forrest, Somayaji (1998)
