Automated rule induction procedures like machine learning and statistical techniques result in rules that lack generalization and maintainability. Developing rules manually throug...
: Most intrusion detection systems deployed today apply misuse detection as analysis method. Misuse detection searches for attack traces in the recorded audit data using predefined...
—String matching is a ubiquitous problem that arises in a wide range of applications in computing, e.g., packet routing, intrusion detection, web querying, and genome analysis. D...
Rare events analysis is an area that includes methods for the detection and prediction of events, e.g. a network intrusion or an engine failure, that occur infrequently and have s...
The paper discusses our research in development of general and systematic methods for intrusion prevention. The key idea is to use data mining techniques to discover repeated patt...