Lee, W., Stolfo, S. J., and Mok, K. (1999). Mining in a data flow environment: Experience in intrusion detection. In Proceeding of the 1999 Conference on Knowledge Discovery and Data Mining KDD-99. Home/Search Document Not in Database Summary Related Articles Check |
This paper is cited in the following contexts:
Detecting Viral Propagations Using Email Behavior.. - Stolfo, Li, Hershkop.. (2003) Self-citation (Stolfo) (Correct)
No context found.
WENKE LEE, S. J. STOLFO, AND K. MOK. 1999. Mining in a Data-flow Environments: Experiences in Intrusion Detection. In Proceedings of the 1999 Conf. on Knowledge Discovery and Data Mining (KDD-99).
A Data Mining Framework for Building Intrusion Detection Models - Lee, Stolfo, Mok (1999) (52 citations) Self-citation (Stolfo Mok) (Correct)
....network analysis purposes, and not specific to intrusion detection. We apply the frequent episodes program to both normal connection data and intrusion data, and compare the resulting patterns to find the intrusion only patterns. The details of the pattern comparison algorithm is described in [12]. Briefly, since the number of patterns may be very large and there are rarely exactly matched patterns from two data sets, this heuristic algorithm considers two episodes related to two different sets of axis features as more different, and outputs (the user specified) top percentage of the most ....
....lag = S0, dst host = victim) 0.93, 0.03, 2] 93 of the time, after two http connections with S0 flag are made to host victim, within 2 seconds from the first of these two, the third similar connection is made, and this pattern occurs in 3 of the data Table 6. Example Intrusion Pattern in [12], to support the iterative procedure of pattern mining and comparison, feature construction from patterns, and model building and evaluation. In each iteration, we choose a different data mining strategy regarding the choices of axis and reference features. These choices are limited among the ....
W. Lee, S. J. Stolfo, and K. W. Mok. Mining in a data-flow environment: Experience in intrusion detection. submitted for publication, March 1999.
Algorithms For Mining System Audit Data - Lee, Stolfo, Mok (1999) (3 citations) Self-citation (Stolfo Mok) (Correct)
....http, f lag = S0) # (service = http, f lag = S0) Contrast with normal data: no patterns with f lag = S0. We have developed an automatic technique for comparing and identifying intrusion only patterns from an aggregate set of normal patterns and a set of patterns from intrusion audit data [LSM99b] That is, the pattern analysis tasks described above can be automated. In [LSM99a] we described an algorithm for constructing temporal and statistical features from the identified intrusion only patterns. We reported that using this feature construction process, the resultant RIPPER classifier ....
W. Lee, S. J. Stolfo, and K. W. Mok. Mining in a data-flow environment: Experience in intrusion detection. submitted for publication, March 1999.
Eigenconnections to Intrusion Detection - Bouzida, Gombault (2004) (Correct)
No context found.
Lee, W., Stolfo, S. J., and Mok, K. (1999). Mining in a data flow environment: Experience in intrusion detection. In Proceeding of the 1999 Conference on Knowledge Discovery and Data Mining KDD-99.
Online articles have much greater impact More about CiteSeer.IST Add search form to your site Submit documents Feedback
CiteSeer.IST - Copyright Penn State and NEC