Eskin et al., 2002 - Google Patents
A geometric framework for unsupervised anomaly detection: Detecting intrusions in unlabeled data
Eskin et al., 2002
- Document ID
- 17440613966872983498
- Author
- Eskin E
- Arnold A
- Prerau M
- Portnoy L
- Stolfo S
- Publication year
- Publication venue
- Applications of data mining in computer security
Snippet
Most current intrusion detection systems employ signature-based methods or data mining-based methods which rely on labeled training data. This training data is typically expensive to produce. We present a new geometric framework for unsupervised anomaly detection …
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06K—RECOGNITION OF DATA; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K9/00—Methods or arrangements for reading or recognising printed or written characters or for recognising patterns, e.g. fingerprints
- G06K9/62—Methods or arrangements for recognition using electronic means
- G06K9/6217—Design or setup of recognition systems and techniques; Extraction of features in feature space; Clustering techniques; Blind source separation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06K—RECOGNITION OF DATA; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K9/00—Methods or arrangements for reading or recognising printed or written characters or for recognising patterns, e.g. fingerprints
- G06K9/62—Methods or arrangements for recognition using electronic means
- G06K9/6267—Classification techniques
- G06K9/6279—Classification techniques relating to the number of classes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06N—COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N99/00—Subject matter not provided for in other groups of this subclass
- G06N99/005—Learning machines, i.e. computer in which a programme is changed according to experience gained by the machine itself during a complete run
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
Similar Documents
| Publication | Title | Publication Date |
|---|---|---|
| Eskin et al. | A geometric framework for unsupervised anomaly detection: Detecting intrusions in unlabeled data | |
| US9306966B2 (en) | Methods of unsupervised anomaly detection using a geometric framework | |
| US8544087B1 (en) | Methods of unsupervised anomaly detection using a geometric framework | |
| Alhakami et al. | Network anomaly intrusion detection using a nonparametric Bayesian approach and feature selection | |
| Benaddi et al. | Improving the intrusion detection system for NSL-KDD dataset based on PCA-fuzzy clustering-KNN | |
| Saxena et al. | Intrusion detection in KDD99 dataset using SVM-PSO and feature reduction with information gain | |
| Kim et al. | Network-based intrusion detection with support vector machines | |
| Wang et al. | Anomaly intrusion detection using one class SVM | |
| Gogoi et al. | A survey of outlier detection methods in network anomaly identification | |
| Lee et al. | Real time data mining-based intrusion detection | |
| Lazarevic et al. | A comparative study of anomaly detection schemes in network intrusion detection | |
| Li et al. | Network anomaly detection based on TCM-KNN algorithm | |
| Sharma et al. | An improved network intrusion detection technique based on k-means clustering via Naïve bayes classification | |
| Chang et al. | Intrusion detection by backpropagation neural networks with sample-query and attribute-query | |
| Rahman et al. | Adaptive intrusion detection based on boosting and naïve Bayesian classifier | |
| Rahman et al. | Attacks classification in adaptive intrusion detection using decision tree | |
| Neethu | Adaptive intrusion detection using machine learning | |
| Ketepalli et al. | Data preparation and pre-processing of intrusion detection datasets using machine learning | |
| Tavallaee et al. | A novel covariance matrix based approach for detecting network anomalies | |
| Chimphlee et al. | Unsupervised clustering methods for identifying rare events in anomaly detection | |
| Yang et al. | Clustering and classification based anomaly detection | |
| Petersen | Data mining for network intrusion detection: A comparison of data mining algorithms and an analysis of relevant features for detecting cyber-attacks | |
| Sung et al. | Behaviour mining for fraud detection | |
| Asaju et al. | Intrusion detection system on a computer network using an ensemble of randomizable filtered classifier, K-nearest neighbor algorithm | |
| Michailidis et al. | Intrusion detection using evolutionary neural networks |