Lee, W., Miller, M., Stolfo, S., Jallad, K., Park, C., Zadok, E., and Prabhakar, V., Toward cost-sensitive modeling for intrusion detection, ACM Journal of Computer Society, Vol. 10, No. 1-2, pp. 5-22, 2002. Home/Search Document Details and Download
Summary Related Articles Check |
This paper is cited in the following contexts:
Authorization Based on Evidence and Trust - Zhong, Bhargava (2002) (1 citation) (Correct)
....events. Lethality measures the degree of damage that could potentially be caused by mistrust events. The feature set of a category corresponds to the attribute set of an evidence type. Given a mistrust event, how to determine quantitative measures of its features is application specific [5][21]. Finally, a mistrust event discovered by intrusion detection or data mining system is associated with a probability, which characterizes the confidence of the system 10 to make the claim. The probability is expressed by using the opinion parameter in evidence statement. Evaluating Trust values: ....
W. Lee, W. Fan, M. Miller, S. Stolfo, F. Zadok. Toward Cost-Sensitive Modeling for Intrusion Detection and Response. Journal of Computer Security, 2001.
Cost-Benefit Analysis for Network Intrusion Detection.. - Wei, Frinke, Carter, Ritter (2001) (Correct)
.... Network intrusion detection technologies, as part of risk management measures, have been studied for more than a decade, but most systems [12, 17] are concerned only with intrusion detection, which tries to use brute force to catch every possible intrusion, while ignoring technical effectiveness [21]. However, it is both impossible to catch every attack and impractical to employ an extremely restrictive network intrusion detection syster Furthermore, the cost of detection and countermeasures could be much higher than the benefit. This is why the cost benefit tradeoff is one of the most ....
....be much higher than the benefit. This is why the cost benefit tradeoff is one of the most important parts of a network intrusion detection system, because it can be used to determine whether or not the system is valuable enough to employ countermeasures to stop an intrusion. Lee and Stolfo s [20, 21] research of cost modeling for network intrusion detection systems follows a risk analysis procedure to select sensitive data assets and create a cost matrix for each intrusion. They divide the cost items into damage cost, operation cost, and response cost, and combine them together to calculate ....
[Article contains additional citation context not shown here]
W. Lee etal, Toward Cost-Sensitive Modeling for Intrusion Detection and Response, North Carolina State University, 2000.
Information-Theoretic Measures for Anomaly Detection - Lee, Xiang (2001) (16 citations) (Correct)
....by Axelsson is that a detection model should be optimized for some utility function, not necessary statistical accuracy, and instead could be some definition of cost. We have independently began to address how to build cost sensitive IDS, i.e. an IDS that provides the best valued protection [17]. The most related work is by Maxion et al. 21] where the relationship between data regularity and detection performance of anomaly detection model was studied. The study focused on sequence data, and hence regularity is defined as conditional entropy. The key result from experiments on ....
Wenke Lee, Wei Fan, Matt Miller, Sal Stolfo, and Erez Zadok. Toward cost-sensitive modeling for intrusion detection and response. In 1st ACM Workshop on Intrusion Detection Systems, 2000.
A Multiple Model Cost-Sensitive Approach for Intrusion.. - Fan, Lee, Stolfo, Miller (2000) (4 citations) Self-citation (Miller Stolfo) (Correct)
....We have thus chosen to measure and minimize CCost and OpCost in two orthogonal dimensions. An intrusion taxonomy must be used to determine the damage and response cost metrics which are used in the formulation of CCost. A more detailed study of these cost metrics can be found in our on going work [8]. Our taxonomy is the same as that used in the DARPA evaluation, and consists of four types of intrusions: probing (PRB) denial of service (DOS) remotely gaining illegal local access (R2L) and a user gaining illegal root access (U2R) All attacks in the same category are assumed to have the ....
....CCost and slightly higher error rate. Multi MetaCost classi es more intrusions correctly (warezclient, for example) and has a lower CCost and error rate than MetaCost. 4. 4 Comparison with fcs RIPPER In previous work, we introduced a feature cost sensitive method, fcs RIPPER , to reduce OpCost [8, 9]. This method favors less costly features when constructing a ruleset. Cost sensitivity is controlled by the variable 2 [0; 1] and sensitivity increases with the value of . We generated a single ordered ruleset using di erent values of with fcs RIPPER. In Table 8, we compare the average ....
W. Lee, M. Miller, and S. Stolfo et al. Toward cost-sensitive modeling for intrusion detection. Technical Report CUCS-002-00, Computer Science, Columbia University, 2000.
Cost-Sensitive Access Control for Illegitimate - Confidential Access By (2006) (Correct)
No context found.
Lee, W., Miller, M., Stolfo, S., Jallad, K., Park, C., Zadok, E., and Prabhakar, V., Toward cost-sensitive modeling for intrusion detection, ACM Journal of Computer Society, Vol. 10, No. 1-2, pp. 5-22, 2002.
Adaptive Defense Against Various Network Attacks - Cliff Zou Nick (Correct)
No context found.
LEE,W.,FAN,W.,MILLER, M., STOLFO, S., AND ZADOK, E. Toward cost-sensitive modeling for intrusion detection and response. Journal of Computer Security 10, 1,2 (2002).
Model Generalization and Its Implications on Intrusion detection - Li, Das, Zhou (2005) (Correct)
No context found.
W. Lee, M. Miller, and S. Stolfo. Toward cost-sensitive modeling for intrusion detection. Technical Report No. CUCS-002-00, Computer Science,Columbia University, 2000.
M of N Features vs. Intrusion Detection - Li, Das (2005) (Correct)
No context found.
W. Lee, M. Miller, and S. Stolfo. Toward cost-sensitive modeling for intrusion detection. Technical Report No. CUCS-002-00, Computer Science,Columbia University, 2000.
Using Adaptive Alert Classification to Reduce False Positives.. - Pietraszek (2004) (Correct)
No context found.
Lee, W., Fan, W., Miller, M., Stolfo, S.J., Zadok, E.: Toward cost-sensitive modeling for intrusion detection and response. Journal of Computer Security 10 (2002) 5--22.
Andrei Sabelfeld (Editor) - Turku Centre Computer (Correct)
No context found.
W. Lee, W. Fan, M. Miller, S. Stolfo, E. Zadok, Toward cost-sensitive modeling for intrusion detection and response, Journal of Computer Security Volume 10, Issue 1-2 2002
Intrusion Detection: A Bibliography - Mé, Michel (2001) (Correct)
No context found.
Lee, W., Miller, M., Stolfo, S., Jalladand, K., Park, C., Zadok, E., and Prabhakar, V. (2000b). Toward Cost-Sensitive Modeling for Intrusion Detection. Technical Report CUCS-002-00, Computer Science Department, Columbia University.
Intrusion Detection: A Bibliography - Mé, Michel (2001) (Correct)
No context found.
Lee, W., Fan, W., Miller, M., Stolfo, S., and Zadok, E. (2000a). Toward Cost-Sensitive Modeling for Intrusion Detection and Response. In Proceedings of the Workshop on Intrusion Detection Systems, 7th ACM Conference on Computer and Communication Security.
Online articles have much greater impact More about CiteSeer.IST Add search form to your site Submit documents Feedback
CiteSeer.IST - Copyright Penn State and NEC