Appears in Collections:
Conference Paper: Forensic data mining: Finding intrusion patterns in evidentiary data
Title | Forensic data mining: Finding intrusion patterns in evidentiary data |
---|---|
Authors | |
Keywords | Link analysis; Pattern discovery; Rule-induction algorithms; Data mining; Intrusion detection |
Issue Date | 2010 |
Citation | 16th Americas Conference on Information Systems 2010, AMCIS 2010, 2010, v. 5, p. 3295-3305 |
Abstract | The extensive growth of computing networks and tools and tricks for intruding into and attacking networks has underscored the importance of intrusion detection in network security. Yet, contemporary intrusion detection systems (IDS) are limiting in that they typically employ a misuse detection strategy, with searches for patterns of program or user behavior that match known intrusion scenarios, or signatures. Accordingly, there is a need for more robust and adaptive methods for designing and updating intrusion detection systems. One promising approach is the use of data mining methods for discovering intrusion patterns. Discovered patterns and profiles can be translated into classifiers for detecting deviations from normal usage patterns. Among promising mining methods are association rules, link analysis, and rule-induction algorithms. Our particular contribution is a unique approach to combining association rules with link analysis and a rule-induction algorithm to augment intrusion detection systems. |
Persistent Identifier | http://hdl.handle.net/10722/233815 |
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Hansen, James V. | - |
dc.contributor.author | Lowry, Paul Benjamin | - |
dc.contributor.author | Meservy, Rayman D. | - |
dc.date.accessioned | 2016-09-27T07:21:43Z | - |
dc.date.available | 2016-09-27T07:21:43Z | - |
dc.date.issued | 2010 | - |
dc.identifier.citation | 16th Americas Conference on Information Systems 2010, AMCIS 2010, 2010, v. 5, p. 3295-3305 | - |
dc.identifier.uri | http://hdl.handle.net/10722/233815 | - |
dc.description.abstract | The extensive growth of computing networks and tools and tricks for intruding into and attacking networks has underscored the importance of intrusion detection in network security. Yet, contemporary intrusion detection systems (IDS) are limiting in that they typically employ a misuse detection strategy, with searches for patterns of program or user behavior that match known intrusion scenarios, or signatures. Accordingly, there is a need for more robust and adaptive methods for designing and updating intrusion detection systems. One promising approach is the use of data mining methods for discovering intrusion patterns. Discovered patterns and profiles can be translated into classifiers for detecting deviations from normal usage patterns. Among promising mining methods are association rules, link analysis, and rule-induction algorithms. Our particular contribution is a unique approach to combining association rules with link analysis and a rule-induction algorithm to augment intrusion detection systems. | - |
dc.language | eng | - |
dc.relation.ispartof | 16th Americas Conference on Information Systems 2010, AMCIS 2010 | - |
dc.subject | Link analysis | - |
dc.subject | Pattern discovery | - |
dc.subject | Rule-induction algorithms | - |
dc.subject | Data mining | - |
dc.subject | Intrusion detection | - |
dc.title | Forensic data mining: Finding intrusion patterns in evidentiary data | - |
dc.type | Conference_Paper | - |
dc.description.nature | link_to_subscribed_fulltext | - |
dc.identifier.scopus | eid_2-s2.0-84870318112 | - |
dc.identifier.volume | 5 | - |
dc.identifier.spage | 3295 | - |
dc.identifier.epage | 3305 | - |