Real time data mining-based intrusion detection
Wenke Lee, S.J. Stolfo, et al.
DISCEX 2001
Intrusion detection is an essential component of computer security mechanisms. It requires accurate and efficient analysis of a large amount of system and network audit data. It can thus be an application area of data mining. There are several characteristics of audit data: abundant raw data, rich system and network semantics, and ever "streaming". Accordingly, when developing data mining approaches, we need to focus on: feature extraction and construction, customization of (general) algorithms according to semantic information, and optimization of execution efficiency of the output models. In this paper, we describe a data mining framework for mining audit data for intrusion detection models. We discuss its advantages and limitations, and outline the open research problems.
Wenke Lee, S.J. Stolfo, et al.
DISCEX 2001
Kun Zhang, Wei Fan, et al.
International Journal of Computational Biology and Drug Design
Jing Peng, Stefan Robila, et al.
SMC 2010
Wei Fan, Matthew Miller, et al.
ICDM 2001