| H. S. Javitz and A. Valdes. The SRI IDES statistical anomaly detector. In Proceedings of the 1991. |
....generated using the naive approach and observed that no artificial anomalies were removed at all. The main conclusion to be drawn from these filtering experiments is that most artificial anomalies are truly anomalous, and do not collide with known training data. 7 Related Work SRI's IDES [6] measures abnormality of current system activity from the probability distributions of past activities. The activities they monitored are host events (e.g. CPU utilization and file accesses); in our work, we monitor network events. Forrest et al. [4] record frequent subsequences of system calls ....
Harold Javitz and Alfonso Valdes. The SRI IDES statistical anomaly detector. In Proceedings of IEEE Symposium on Security and Privacy, page 1991.
....A preliminary remark on intrusion detection terminology is in order: IDSs are classified into knowledge-based and behavior-based systems [13]. Knowledge-based systems such as STAT [27] use knowledge accumulated about attacks to detect instances of these attacks. Behavior-based systems (e.g. IDES [29]) use a reference model of normal behavior and flag deviations from this model as anomalous and potentially intrusive. Another dichotomy splits IDSs according to their audit sources. Specifically, host-based IDSs analyze host-bound audit sources such as operating system audit trails, system logs, ....
H. S. Javitz and A. Valdes. The SRI IDES Statistical Anomaly Detector. In IEEE Symposium on Security and Privacy, Oakland, CA. SRI International, May 1991.
....Expert System (IDES) [17] [19] [20]. The profile-based anomaly component of this system identifies expected behavior at the user, group, remote host and target system levels. The longer the duration, the more accurate the study. For an in-depth discussion of IDES, the reader is referred to [12]. Two example intrusion detection implementations that employ rule-based anomaly detection are Wisdom and Sense (W&S) [34] and the Time-based Inductive Machine (TIM) approach [3]. Neural network based anomaly detection has also been proposed in recent work [4] [20]. Anomaly detection is not ....
H.S. Javitz and A. Valdes, "The SRI IDES Statistical Anomaly Detector," Proceedings of the IEEE Research in Security and Privacy, Oakland, CA, pp. 316-376, May 1991.
.... work The basic model for an intrusion detection system was introduced by Denning in [9]. Much work has grown around this model, and research in intrusion detection has covered network-based intrusions [14, 37], immunology-based models [12], state machine models [22] and statistical analysis [19]. The approach we detail in this paper for detecting system misuse leverages some of the work performed by these authors; our core engine performs a state-based analysis of audit data. Analysis of the requirements for audit data content for intrusion detection has been performed by Price [39] and ....
Harold S. Javitz and Alfonso Valdes. The SRI IDES statistical anomaly detector. In IEEE Symposium on Research in Security and Privacy, 1991.
....Since the publication of her model, intrusion detection researchers have applied a wide variety of methods to detect anomalous activity. The earliest proposed methods for intrusion detection focused on the application of statistical methods to identify anomalous activity [5]. Many early systems [6, 7, 8, 9] employed this method. In addition, a number of ongoing projects [10, 11, 12, 13] continue to employ statistical methods for anomaly detection, typically in combination with other methods. More recent anomaly detection methods employ a wide variety of classification schemes to identify ....
Javitz, H. S. and Valdes, A., "The SRI IDES statistical anomaly detector," presented at Proceedings of the IEEE Symposium on Research in Security and Privacy, Oakland, CA, 1991.
....to provide sufficient security for a computer system, intrusion detection techniques are introduced as a second line of defense [2, 8]. Early intrusion detection system (IDS) models were designed to monitor the activities of a single host. Such models include Haystack [12] and SRI's IDES [5, 7]. Later models accommodated the monitoring of a number of hosts interconnected via a network. Examples include University of California Davis Network Security Monitor [4] and DIDS [13]. More recent models, such as UC Davis GrIDS [14], UC Santa Barbara's NetSTAT [15], Purdue's AAFID [1] and ....
H. S. Javitz and A. Valdez, The SRI IDES Statistical Anomaly Detector, IEEE Symposium on Security and Privacy, Oakland, CA, May 1991
....Since the publication of her model, intrusion detection researchers have applied a wide variety of methods to detect anomalous activity. The earliest proposed methods for intrusion detection focused on the application of statistical methods to identify anomalous activity [5]. Many early systems [6, 7, 8, 9] employed this method. In addition, a number of ongoing projects [10, 11, 12, 13] continue to employ statistical methods for anomaly detection, typically in combination with other methods. More recent anomaly detection methods employ a wide variety of classification schemes to identify ....
Javitz, H. S. and Valdes, A., "The SRI IDES statistical anomaly detector," presented at Proceedings of the IEEE Symposium on Research in Security and Privacy, Oakland, CA, 1991.
....temporal data to atemporal. For example, a stream of command input data can be reduced to summaries such as mean usage of each command per unit time or mean and standard deviation of time between command inputs. This approach is popular for adaptive anomaly detection systems; see, for example, [34, 35, 36]. By employing statistical models for data reduction, the need for sophisticated knowledge of the target system is alleviated. A statistical model of the data is still required, but such models are general and widely applicable. The difficulty is that many summary statistics also eliminate the ....
....be popular in the field of network intrusion detection where many attacks are scripted and rules can be (relatively) easily derived from packet analysis or captured attack scripts [13, 14]. More often rule bases form a single component of an anomaly detection system. Systems such as (N)IDES [80, 81, 34, 82] and its successor EMERALD [12], AIS [83], MIDAS [84] and NSM [85] all employ rule bases as higher-level decision procedures in a hierarchical detection system. These procedures are used as discriminators to prune out spurious hits from lower-level sensors and anomaly detectors which may be ....
H. Javitz and A. Valdes. The SRI IDES statistical anomaly detector. In Proceedings of the IEEE Symposium on Research in Security and Privacy, pages 316-326, 1991.
....temporal data to atemporal. For example, a stream of command input data can be reduced to summaries such as mean usage of each command per unit time or mean and standard deviation of time between command inputs. This approach is popular for adaptive anomaly detection systems; see, for example, [26, 4, 59]. By employing statistical models for data reduction, the need for sophisticated knowledge of the target system is alleviated. A statistical model of the data is still required, but such models are quite general and widely applicable. The difficulty is that many summary statistics also ....
....by hand. Signature-based detectors have proved to be quite useful in diagnosing known security vulnerabilities (for example, the SATAN/SANTA tool [18]) or virus attacks (for example, [22]). More often rule bases form a single component of an anomaly detection system. Systems such as (N)IDES [35, 34, 26, 3] and its successor EMERALD [43], AIS [25], MIDAS [58] and NSM [24] all employ rule bases as higher-level decision procedures in a hierarchical detection system. These procedures are used as discriminators to prune out spurious hits from lower-level sensors and anomaly detectors which may be ....
H. Javitz and A. Valdes. The SRI IDES statistical anomaly detector. In Proceedings of the IEEE Symposium on Research in Security and Privacy, pages 316-326, 1991.
....Beginning with Dorothy Denning's work in 1987 [1], the original concept for an intrusion detection system was an anomaly detector. Early systems like Intrusion Detection Expert System (IDES) and Next-generation IDES (NIDES) were built around this concept of a statistical anomaly detector [2,3]. These systems were confounded by two difficulties, one practical and the other theoretical. The practical difficulty is that nominal usage has high variability and changes over time. To meet this challenge, systems had a fairly loose threshold for tolerance of anomalous behavior, and were ....
Javitz, H., Valdes, A., "The SRI IDES Statistical Anomaly Detector", Proceeding of the Symposium on Research in Security and Privacy, pp. 316-326, May 1991
No context found.
H. S. Javitz and A. Valdes. The SRI IDES statistical anomaly detector. In Proceedings of the 1991.
No context found.
H. S. Javitz and A. Valdes. The SRI IDES Statistical Anomaly Detector. In Proceedings of the IEEE Symposium on Security and Privacy, May 1991.
No context found.
Javitz, H. S. and Valdes, A. 1991. The SRI IDES Statistical Anomaly Detector. In Proceedings of the IEEE Symposium on Security and Privacy.
No context found.
H. S. Javitz and A. Valdes. The SRI IDES Statistical Anomaly Detector. In Proceedings of the IEEE Symposium on Security and Privacy, May 1991.
No context found.
H. S. Javitz and A. Valdes. The SRI IDES Statistical Anomaly Detector. In Proceedings of the IEEE Symposium on Security and Privacy, May 1991.
No context found.
Harold S. Javitz and Alfonso Valdes. The SRI IDES Statistical Anomaly Detector. In Proceedings of the 1991 IEEE Symposium on Research in Security and Privacy, Oakland, CA, May 1991.
No context found.
H. S. Javitz, A. Valdes, "The SRI IDES Statistical Anomaly Detector," Proc. IEEE Symp. on Research in Security and Privacy, Oakland, CA, May 1991, pp. 316-376.
No context found.
H. S. Javitz and A. Valdes. The SRI IDES statistical anomaly detector. In Proceedings of the IEEE Symposium on Research in Security and Privacy, 1991.
No context found.
H. S. Javitz and A. Valdes. The SRI IDES Statistical Anomaly Detector. In Proceedings of the IEEE Symposium on Security and Privacy, May 1991.
No context found.
H. S. Javitz and A. Valdes. The SRI IDES Statistical Anomaly Detector. In Proceedings of the IEEE Symposium on Security and Privacy, May 1991.
No context found.
H. Javitz and A. Valdes. The SRI IDES statistical anomaly detector. In Proceedings of the IEEE Symposium on Research in Security and Privacy, pages 316-326, May 1991.
No context found.
H. S. Javitz and A. Valdes. The SRI IDES Statistical Anomaly Detector. In Proceedings of the IEEE Conference on Research in Security and Privacy, pages 316-376, Oakland, CA, May 1991.
No context found.
H. S. Javitz and A. Valdes. The SRI IDES Statistical Anomaly Detector. In Proceedings of the IEEE Symposium on Security and Privacy, May 1991.
No context found.
H. S. Javitz and A. Valdes. The SRI IDES Statistical Anomaly Detector. In Proceedings of the IEEE Symposium on Security and Privacy, May 1991.
No context found.
H. Javitz and A. Valdez, "The SRI IDES Statistical Anomaly Detector", Proceedings of IEEE Symposium on Research in Security and Privacy, May 1991, pp. 316-326.