Title :
Learning rules for anomaly detection of hostile network traffic
Author :
Mahoney, Matthew V. ; Chan, Philip K.
Author_Institution :
Dept. of Comput. Sci., Florida Inst. of Technol., Melbourne, FL, USA
Abstract :
We introduce an algorithm called LERAD that learns rules for finding rare events in nominal time-series data with long-range dependencies. We use LERAD to find anomalies in network packets and TCP sessions to detect novel intrusions. We evaluated LERAD on the 1999 DARPA/Lincoln Laboratory intrusion detection evaluation data set and on traffic collected in a university departmental server environment.
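The abstract describes LERAD only at the level of "rules for finding rare events in nominal time-series data". The Python below is an added illustration of that idea, not the authors' code and not the published LERAD algorithm (which additionally samples candidate rules, prunes them on a validation set, and builds its attributes from real packet and TCP-session fields). Assumptions of this example: sessions are reduced to four hypothetical nominal attributes (dst_port, proto, first_word, flags), the training sessions are constructed, rules have the form "if A = a then B is in S" with at most one antecedent, a violated rule contributes n/r (n = training sessions satisfying the antecedent, r = number of consequent values seen), and the streaming scorer additionally weights each violation by t, the number of sessions since that rule was last violated, so that a burst of the same anomaly is not re-alarmed on every session.

```python
from collections import defaultdict

# Constructed (hypothetical) training data: one record per TCP/UDP session,
# reduced to nominal attributes. Real inputs would be derived from packet
# headers and the first bytes of the application payload.
TRAIN_SESSIONS = [
    {"dst_port": "80", "proto": "tcp", "first_word": "GET",   "flags": "SAF"},
    {"dst_port": "80", "proto": "tcp", "first_word": "POST",  "flags": "SAF"},
    {"dst_port": "80", "proto": "tcp", "first_word": "GET",   "flags": "SAF"},
    {"dst_port": "25", "proto": "tcp", "first_word": "HELO",  "flags": "SAF"},
    {"dst_port": "25", "proto": "tcp", "first_word": "EHLO",  "flags": "SAF"},
    {"dst_port": "22", "proto": "tcp", "first_word": "SSH-",  "flags": "SAF"},
    {"dst_port": "53", "proto": "udp", "first_word": "QUERY", "flags": "-"},
]


def learn_rules(sessions):
    """Learn rules of the form "if ante_attr == ante_val then cons_attr in S".

    Returns {(ante_attr, ante_val, cons_attr): (S, n)} where S is the set of
    consequent values seen in training while the antecedent held and n is the
    number of training sessions that satisfied the antecedent. ante_attr is
    None for an unconditional rule. Every single-attribute antecedent is kept;
    the paper's candidate sampling and validation pruning are not reproduced.
    """
    attrs = sorted(sessions[0])
    rules = {}
    for cons in attrs:
        for ante in [None] + [a for a in attrs if a != cons]:
            seen = defaultdict(list)
            for s in sessions:
                key = None if ante is None else s[ante]
                seen[key].append(s[cons])
            for val, cons_values in seen.items():
                rules[(ante, val, cons)] = (frozenset(cons_values), len(cons_values))
    return rules


def violations(rules, session):
    """Yield (rule_key, n, r) for each rule whose antecedent matches the
    session but whose consequent value was never seen in training."""
    for (ante, val, cons), (allowed, n) in rules.items():
        if ante is not None and session.get(ante) != val:
            continue
        if session.get(cons) not in allowed:
            yield (ante, val, cons), n, len(allowed)


def score(rules, session):
    """Static anomaly score: sum of n/r over violated rules. A rule backed by
    many training sessions (large n) that allowed few values (small r) is a
    strong rule, so breaking it costs more."""
    return sum(n / r for _, n, r in violations(rules, session))


class StreamScorer:
    """Streaming variant: each violated rule is weighted by t, the number of
    sessions since that rule was last violated (0 if never), so repeated
    violations of one rule are damped after the first alarm."""

    def __init__(self, rules):
        self.rules = rules
        self.last_violation = {}  # rule key -> session index of last violation

    def score(self, session, now):
        total = 0.0
        for key, n, r in violations(self.rules, session):
            t = now - self.last_violation.get(key, 0)
            total += t * n / r
            self.last_violation[key] = now
        return total


if __name__ == "__main__":
    rules = learn_rules(TRAIN_SESSIONS)
    # An SMTP greeting arriving on the HTTP port: every field is individually
    # known, only the combination is new, which is what the conditional rules catch.
    odd = {"dst_port": "80", "proto": "tcp", "first_word": "HELO", "flags": "SAF"}
    print(score(rules, odd))
    scorer = StreamScorer(rules)
    print(scorer.score(odd, len(TRAIN_SESSIONS)))       # first occurrence
    print(scorer.score(odd, len(TRAIN_SESSIONS) + 1))   # same anomaly again: damped
```

The odd session above violates exactly two rules: "dst_port = 80 implies first_word in {GET, POST}" (n = 3, r = 2) and "first_word = HELO implies dst_port in {25}" (n = 1, r = 1), giving a static score of 2.5. A session whose first_word was never seen at all trips only the rules with first_word as consequent, because no rule with that value as antecedent was ever learned; this is why unconditional rules (ante_attr None) are kept alongside the conditional ones.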
Keywords :
knowledge based systems; learning (artificial intelligence); telecommunication computing; telecommunication traffic; time series; transport protocols; LERAD algorithm; TCP; hostile network traffic anomaly detection; network packet; Computer security; Event detection; File systems; Intrusion detection; Network servers; Operating systems; Protocols; Telecommunication traffic; Testing; Viruses (medical);
Conference_Title :
Data Mining, 2003. ICDM 2003. Third IEEE International Conference on
Print_ISBN :
0-7695-1978-4
DOI :
10.1109/ICDM.2003.1250987