Lippmann et al., 2000 - Google Patents
Improving intrusion detection performance using keyword selection and neural networks
Lippmann et al., 2000
- Document ID
- 3329541364438597015
- Author
- Lippmann R
- Cunningham R
- Publication year
- Publication venue
- Computer networks
Snippet
The most common computer intrusion detection systems detect signatures of known attacks by searching for attack-specific keywords in network traffic. Many of these systems suffer from high false-alarm rates (often hundreds of false alarms per day) and poor detection of …
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/02—Details
- H04L12/26—Monitoring arrangements; Testing arrangements
- H04L12/2602—Monitoring arrangements
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Lippmann et al. | | Improving intrusion detection performance using keyword selection and neural networks |
Lippmann et al. | | The 1999 DARPA off-line intrusion detection evaluation |
Cho et al. | | SAD: web session anomaly detection based on parameter estimation |
Cunningham et al. | | Evaluating intrusion detection systems without attacking your friends: The 1998 DARPA intrusion detection evaluation |
Valeur et al. | | Comprehensive approach to intrusion detection alert correlation |
Haines et al. | | Validation of sensor alert correlators |
Guezzaz et al. | | A Global Intrusion Detection System using PcapSockS Sniffer and Multilayer Perceptron Classifier. |
Rowe et al. | | Defending cyberspace with fake honeypots |
Norouzian et al. | | Classifying attacks in a network intrusion detection system based on artificial neural networks |
CN105868635A (en) | | Methods and apparatus for dealing with malware |
Krishnaveni et al. | | Ensemble approach for network threat detection and classification on cloud computing |
Gharehchopogh et al. | | Evaluation of fuzzy k-means and k-means clustering algorithms in intrusion detection systems |
Robertson et al. | | Darknet mining and game theory for enhanced cyber threat intelligence |
Farid et al. | | Adaptive network intrusion detection learning: attribute selection and classification |
Ongun et al. | | Celest: Federated learning for globally coordinated threat detection |
Kemp et al. | | An approach to application-layer DoS detection |
Lin et al. | | A hypergraph-based machine learning ensemble network intrusion detection system |
DeCusatis et al. | | Design and implementation of a research and education cybersecurity operations center |
Najafabadi et al. | | A Text Mining Approach for Anomaly Detection in Application Layer DDoS Attacks. |
CN110572302B (en) | | Diskless local area network scene identification method and device and terminal |
Tandon et al. | | Defending web servers against flash crowd attacks |
Zhao et al. | | Network security model based on active defense and passive defense hybrid strategy |
Chapke et al. | | Intrusion detection system using fuzzy logic and data mining technique |
Panda et al. | | Ensemble of classifiers for detecting network intrusion |
Cucu et al. | | Current technologies and trends in cybersecurity and the impact of artificial intelligence |