File Download

There are no files associated with this item.

  Links for fulltext
     (May Require Subscription)
Supplementary

Conference Paper: Forensic data mining: Finding intrusion patterns in evidentiary data

TitleForensic data mining: Finding intrusion patterns in evidentiary data
Authors
KeywordsLink analysis
Pattern discovery
Rule-induction algorithms
Data mining
Intrusion detection
Issue Date2010
Citation
16th Americas Conference on Information Systems 2010, AMCIS 2010, 2010, v. 5, p. 3295-3305 How to Cite?
AbstractIn The extensive growth of computing networks and tools and tricks for intruding into and attacking networks has underscored the importance of intrusion detection in network security. Yet, contemporary intrusion detection systems (IDS) are limiting in that they typically employ a misuse detection strategy, with searches for patterns of program or user behavior that match known intrusion scenarios, or signatures. Accordingly, there is a need for more robust and adaptive methods for designing and updating intrusion detection systems. One promising approach is the use of data mining methods for discovering intrusion patterns. Discovered patterns and profiles can be translated into classifiers for detecting deviations from normal usage patterns. Among promising mining methods are association rules, link analysis, and rule-induction algorithms. Our particular contribution is a unique approach to combining association rules with link analysis and a rule-induction algorithm to augment intrusion detection systems.
Persistent Identifierhttp://hdl.handle.net/10722/233815

 

DC FieldValueLanguage
dc.contributor.authorHansen, James V.-
dc.contributor.authorLowry, Paul Benjamin-
dc.contributor.authorMeservy, Rayman D.-
dc.date.accessioned2016-09-27T07:21:43Z-
dc.date.available2016-09-27T07:21:43Z-
dc.date.issued2010-
dc.identifier.citation16th Americas Conference on Information Systems 2010, AMCIS 2010, 2010, v. 5, p. 3295-3305-
dc.identifier.urihttp://hdl.handle.net/10722/233815-
dc.description.abstractIn The extensive growth of computing networks and tools and tricks for intruding into and attacking networks has underscored the importance of intrusion detection in network security. Yet, contemporary intrusion detection systems (IDS) are limiting in that they typically employ a misuse detection strategy, with searches for patterns of program or user behavior that match known intrusion scenarios, or signatures. Accordingly, there is a need for more robust and adaptive methods for designing and updating intrusion detection systems. One promising approach is the use of data mining methods for discovering intrusion patterns. Discovered patterns and profiles can be translated into classifiers for detecting deviations from normal usage patterns. Among promising mining methods are association rules, link analysis, and rule-induction algorithms. Our particular contribution is a unique approach to combining association rules with link analysis and a rule-induction algorithm to augment intrusion detection systems.-
dc.languageeng-
dc.relation.ispartof16th Americas Conference on Information Systems 2010, AMCIS 2010-
dc.subjectLink analysis-
dc.subjectPattern discovery-
dc.subjectRule-induction algorithms-
dc.subjectData mining-
dc.subjectIntrusion detection-
dc.titleForensic data mining: Finding intrusion patterns in evidentiary data-
dc.typeConference_Paper-
dc.description.natureLink_to_subscribed_fulltext-
dc.identifier.scopuseid_2-s2.0-84870318112-
dc.identifier.volume5-
dc.identifier.spage3295-
dc.identifier.epage3305-

Export via OAI-PMH Interface in XML Formats


OR


Export to Other Non-XML Formats