A Multiple Instance Learning Problem Approach Model to Anomaly Network Intrusion Detection |
Weon, Ill-Young
(Dept. of Computer Engineering, Konkuk University)
Song, Doo-Heon (Dept. of Computer Games & Information, Yong-in SongDam College) Ko, Sung-Bum (Dept. of Computer Science, Kongju National University) Lee, Chang-Hoon (Dept. of Computer Engineering, Konkuk University) |
1 | C. Kruegel and G. Vigna. Anomaly detection of webbased attacks. In Proceedings of the 10th ACM Conference on Computer and Communication Security (CCS '03), pages 251--261, Washington DC, USA, October 2003. ACM Press |
2 | P. Barford, J. Kline, D. Plonka, and A. Ron. A Signal Analysis of Network Traffic Anomalies. In Proceedings of ACM SIGCOMM Internet Measurement Workshop, November 2002 |
3 | F Gonzalez and D Dasgupta, Anomaly detection using real-valued negative selection. Journal of Genetic Programming and Evolvabe Machines, 4:383--403, 2003 DOI ScienceOn |
4 | Javitz, H. and Alfonso Valdes, S. The NIDES Statistical Component Description and Justification, Annual Report, SRI International, 333 Ravenwood Avenue, Menlo Park, CA 94,025, March 1994 |
5 | M. Markou and S. Singh. Novelty detection: a review-part 1: statistical approaches. Signal Processing, v.83 n.12, p.2481-2497, December 2003 DOI ScienceOn |
6 | W. LEE. 'A Data Mining Framework for constructing Features and Models for Intrusion Detection Systems', Ph.D. Dissertation, Columbia University, 1999 |
7 | A.K. Ghosh, A. Schwatzbard and M. Shatz, Learning Program Behavior Profiles for Intrusion Detection, in Proceedings 1st USENIX Workshop on Intrusion Detection and Network Monitoring, Santa Clara, California, April 1999 |
8 | Wang, J. and Sucker, J.-I). Solving the MultipleInstance Learning Problem: A Lazy Learning Approach, Proceedings 17th International Conference on Machine Learning (pp. 1119-1125). San Francisco: Morgan Kaufmann, 2000 |
9 | Dietterich, T. G., Lathrop, P H. and Lozano-Perez, T. Solving the multiple-instance problem with axisparallel rectangles. Artificial Intelligence, 89, 31-71.1997 DOI ScienceOn |
10 | Lippman. R. et. AI. Evaluation intrusion detection systems: The 1998 DARPA Off-line intrusion detection evaluation, Proc. Of DARPA Information Survivability Conference and Exposition, pp 12-26, 2000 |
11 | DARPA data set: www.ll.mit.edu/IST/ideval |
12 | Mutual Information: http://en.wikipedia.org/wiki/ Mutual_information |
13 | Behrouz A. Forouzan. TCP/IP Protocol Suite. MaGRAW-HILL,2000 |
14 | Aha, D. & Kibler, D., Noise-tolerant instance-based learning algorithms. Proceedings of the Eleventh International Joint Conference on Artificial Intelligence pp.794-799, 1989 |
15 | Stanfill C., & Waltz, D., Toward memory-based reasoning. Communications of the ACM, 1986 |
16 | Won, I., Song, D., Lee, C. Heo., Y. & Jang, J., A Machine Learning approach toward an environmentfree network anomaly IDS - A primer report, In Proc of 5th International Conference on Advanced Communication Technology, 2003 |
17 | Song,D.,Won, I.,Cang, Lee, The Utility of Packet level decision in Misused Intrusion Detection System: An analysis of DARPA dataset toward a hybrid behavior based IDS. The 3rd Asia Pacific International Symposium on Information Technology, Jan. 13-142004, Istanbul, Turkey |
18 | S. Cost, and S. Salzberg, A Weighted Nearest Neighbor Algorithm for Learning with Symbolic Features, Machine Learning 10,00.57-78,1993 |
19 | Joo, D., The Design and Analysis of Intrusion Detection Systems using Data Mining, KAIST PH.D, 2003 |
20 | Sadat Malik. Network Security Principles and Practices, Cisco Press, pp. 420. 2003 |