Browse > Article
http://dx.doi.org/10.13089/JKIISC.2003.13.4.151

Anomaly Detection Method Based on The False-Positive Control  

조혁현 (여수대학교 정보기술학부)
정희택 (여수대학교 정보기술학부)
김민수 (전남대학교 정보보호협동과)
노봉남 (전남대학교 컴퓨터정보학부)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.13, no.4, 2003 , pp. 151-159 More about this Journal
Abstract
Internet as being generalized, intrusion detection system is needed to protect computer system from intrusions synthetically. We propose an intrusion detection method to identify and control the contradiction on self-explanation that happen at profiling process of anomaly detection methodology. Because many patterns can be created on profiling process with association method, we present effective application plan through clustering for rules. Finally, we propose similarity function to decide whether anomaly action or not for user pattern using clustered pattern database.
Keywords
Intrusion detection system; False-positive; Profiling; Association rule mining; Clustering;
Citations & Related Records
Times Cited By KSCI : 1  (Citation Analysis)
연도 인용수 순위
1 Data Mining approachs for intrusion detection /
[ W.Lee;S.J.Stolfo ] / Proc. of the 7th USENIX Security Symposium
2 A Neural Network Approach Toward Intrusion Detection /
[ K.L.Fox;R.R.Henning:J.H.Reed;R.Simonian ] / Proc. of the 13th National Computer Security Conference
3 Closed Set Based Discovery of Small covers for Association Rulse /
[ N.Pasquier;Y.Bastide;R.Taouil;L.Lakhal ] / Proc. 15emes Journees Bases de Donness Avancees
4 Algorithms for Mining system audit data /
[ W.Lee;S.J.Stolfo;K.W.Mok;T.Y.Lin(ed.);Y.Y.Yao(ed.);L.A.Zadeh(ed.) ] / Data Mining, Rought Set, and Granular Computing
5 The architecture of a network level intrusion detection systems /
[ R.Heady;G.Luger;A.Maccabe;M.Servilla ] / Technical Report, Computer Science Dept. Univ. of New Mexico
6 /
[ T.Kohonen ] / Self-Organizing Maps
7 Towards a Taxonomy of Intrusion-Detection Systems /
[ H.Debar;M.Dacier;A.Wespi ] / Research Report of IBM Rearch Division
8 /
[ R.G.Bace ] / Intrusion Detection
9 /
[ C.Kahn;R.A.Porras;S.Staniford Chen;B.Tung ] / A Common Intrusion Detection Framework
10 /
[ W.Lee;S.J.Stolfo ] / Adaptive Intrusion Detection: a Data Mining Approach
11 An effective hash-based algorithm for mining association rules /
[ Jung soo Park;Ming syan Chen;P.S.Yu ] / Proc. of ACM SIGMOD Conference on Management of Data
12 데이터베이스 시스템에서 연관 규칙 탐사 기법을 이용한 이상 행위 탐지 /
[ 박정호;오상현;이원석 ] / 정보처리학회 논문지   과학기술학회마을
13 Discovering generalized episodes using minimal occurrences /
[ H.Mannila;H.Toivonen ] / Proc. of the 2nd International Conference on Knowledge Discovery in Databases and Data Mining
14 An Intrusion-Detection Model /
[ Denning,D.E ] / IEEE Transaction o Software Engineering   DOI   ScienceOn
15 Artificial Intelligence and Intrusion Detection : Current and Future /
[ J.Frank ] / Proc. of the 17th Computer Security Conference
16 Clustering Association Rules /
[ B.Lent;A.Swami;J.Widom ] / Proc. of the 13th International Conference on Data Engineering
17 페킷간 연관 관계를 이용한 네트워크 이상행위 탐지 /
[ 오세훈;이원석 ] / 정보보호학회논문지   과학기술학회마을
18 Mining association rules between sets of items in large databases /
[ R.Agrawal;T.Imielinski;A.Swami ] / Proc. of the ACM SIGMOD Conference on Management of Data
19 A Data Mining Framework for Building Intrusion Detection Models /
[ W.Lee;S.J.Stolfo;K.W.Mok ] / Proc. of the 1999 IEEE Symposium on Security and Privacy
20 Detection Anomalous and Unknown Intrusions Against Programs /
[ A.K.Gjosh;J.Wanken;F.Charron ] / Proc. of the Annual Computer Security Application Conference
21 An Immunological Model of Distributed Detection and its Application to Computer Security /
[ S.A.Hofmeyr ] / Ph. D. Thesis. Univ. of New Mexico