M. Mahoney and P. Chan, "Learning nonstationary models of normal network traffic for detecting novel attacks," in Proceedings of the eighth ACM SIGKDD international conference on Knowledge discovery and data mining, pp. 23--26, 2002. Home/Search Document Details and Download
Summary Related Articles Check |
This paper is cited in the following contexts:
An Analysis of the 1999 DARPA/Lincoln Laboratory Evaluation.. - Mahoney, Chan (2003) Self-citation (Mahoney Chan) (Correct)
No context found.
M. Mahoney, P. K. Chan, "Learning Nonstationary Models of Normal Network Traffic for Detecting Novel Attacks ", Edmonton, Alberta: Proc. SIGKDD, 2002, 376-385.
Network Traffic Anomaly Detection Based on Packet Bytes - Mahoney (2003) (1 citation) Self-citation (Mahoney) (Correct)
....attack (since it is novel) and because normal traffic may also deviate from the model, generating false alarms. An anomaly detector can only bring the suspicious traffic to the attention of a network security expert, who must then figure out what, if anything, needs to be done. Mahoney and Chan [6, 7, 8] identify five types of anomalies in hostile traffic. User Behavior. Hostile traffic may have a novel source address because it comes from an unauthorized user of a restricted (password protected) service. Also, probes such as ipsweep and portsweep [4] may attempt to access nonexistent hosts ....
....individual addresses. NIDES, like SPADE and ADAM, models ports and addresses, flagging differences between short and long term behavior. SPADE, ADAM, and NIDES use frequency based models, in which the probability of an event is estimated by its average frequency during training. PHAD [6] ALAD [8], and LERAD [7] use time based models, in which the probability of an event depends instead on the time since it last occurred. For each attribute, they collect a set of allowed values (anything observed at least once in training) and flag novel values as anomalous. Specifically, they assign a ....
Mahoney, M., P. K. Chan, "Learning Nonstationary Models of Normal Network Traffic for Detecting Novel Attacks ", Edmonton, Alberta: Proc. SIGKDD, 2002, 376-385.
Anomaly Detection Based on Unsupervised Niche Clustering.. - Leon, Nasraoui, Gomez (2004) (Correct)
No context found.
M. Mahoney and P. Chan, "Learning nonstationary models of normal network traffic for detecting novel attacks," in Proceedings of the eighth ACM SIGKDD international conference on Knowledge discovery and data mining, pp. 23--26, 2002.
Towards NIC-based Intrusion Detection - Otey Parthasarathy Ghoting (2003) (1 citation) (Correct)
No context found.
M. Mahoney and P. Chan. Learning nonstationary models of normal network trafficfor detecting novel attacks. In SIGKDD, 2002.
Model Generalization and Its Implications on Intrusion detection - Li, Das, Zhou (2005) (Correct)
No context found.
M.V. Mahoney and P.K. Chan. Learning Nonstationary Models of Normal Network Tra#c for Detecting Novel Attacks. In SIGKDD 2002, July 23-26 2002.
M of N Features vs. Intrusion Detection - Li, Das (2005) (Correct)
No context found.
M.V. Mahoney and P.K. Chan. Learning Nonstationary Models of Normal Network Tra#c for Detecting Novel Attacks. In SIGKDD 2002, July 23-26 2002.
Model Redundancy vs. Intrusion Detection - Li, Das, Emmanuel (2005) (Correct)
No context found.
M.V. Mahoney and P.K. Chan. Learning Nonstationary Models of Normal Network Tra#c for Detecting Novel Attacks. In SIGKDD 2002, July 23--26 2002.
USAID: Unifying Signature-Based and Anomaly-Based Intrusion.. - li, das, zhou (2005) (Correct)
No context found.
M. Mahoney and P. Chan. Learning Nonstationary Models of Normal Network Tra#c for Detecting Novel Attacks. In SIGKDD 2002, July 23-26 2002.
Visualizing and Identifying Intrusion Context from System Calls.. - Li, Das (2004) (Correct)
No context found.
M. Mahoney and P. Chan. Learning Nonstationary Models of Normal Network Traffic for Detecting Novel Attacks. In SIGKDD 2002.
Theoretical Basis for Intrusion Detection - Li, Das, Zhou (2005) (Correct)
No context found.
M. Mahoney and P. Chan, "Learning Nonstationary Models of Normal Network Traffic for Detecting Novel Attacks," in SIGKDD 2002.
Anomaly Detection Based on Unsupervised Niche Clustering.. - Leon, Nasraoui, Gomez (Correct)
No context found.
M. Mahoney and P. Chan, "Learning nonstationary models of normal network traffic for detecting novel attacks," in Proceedings of the eighth ACM SIGKDD international conference on Knowledge discovery and data mining, pp. 23--26, 2002.
A Holistic Approach to Service Survivability - Keromytis, Parekh, Gross.. (2003) (Correct)
No context found.
M. V. Mahoney and P. K. Chan. Learning nonstationary models of normal network traffic for detecting novel attacks. In Proceedings of the eighth ACM SIGKDD international conference on Knowledge discovery and data mining, pages 376--385. ACM Press, 2002.
Adversarial Classification - Nilesh Dalvi Pedro (Correct)
No context found.
M. V. Mahoney and P. K. Chan. Learning nonstationary models of normal network tra#c for detecting novel attacks. In Proceedings of the Eighth ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pages 376--385, Edmonton, Canada, 2002. ACM Press.
A Holistic Approach to Service Survivability - Keromytis, Parekh, Gross.. (2003) (Correct)
No context found.
M. V. Mahoney and P. K. Chan. Learning nonstationary models of normal network traffic for detecting novel attacks. In Proceedings of the eighth ACM SIGKDD international conference on Knowledge discovery and data mining, pages 376--385. ACM Press, 2002.
NIC-based intrusion detection: A feasibility study - Otey Noronha Li (Correct)
No context found.
M. Mahoney and P. Chan. Learning nonstationary models of normal network traffic for detecting novel attacks. In SIGKDD, 2002.
Online articles have much greater impact More about CiteSeer.IST Add search form to your site Submit documents Feedback
CiteSeer.IST - Copyright Penn State and NEC