Publication | Closed Access
Learning rules for anomaly detection of hostile network traffic
Citations: 199
References: 16
Year: 2003
Unknown Venue
Anomaly Detection, Machine Learning, Engineering, Information Security, Network Analysis, Information Forensics, Hostile Network Traffic, Data Science, Data Mining, Pattern Recognition, Data Management, Statistics, Rare Events, Long Range Dependencies, Intrusion Detection System, Threat Detection, TCP Sessions, Knowledge Discovery, Computer Science, Intrusion Detection, Botnet Detection, Network Traffic Measurement, Network Monitoring, Big Data
We introduce an algorithm called LERAD that learns rules for finding rare events in nominal time-series data with long range dependencies. We use LERAD to find anomalies in network packets and TCP sessions to detect novel intrusions. We evaluated LERAD on the 1999 DARPA/Lincoln Laboratory intrusion detection evaluation data set and on traffic collected in a university departmental server environment.