article

Data mining-based intrusion detectors: an overview of the columbia IDS project

Authors:

Salvatore J. Stolfo,

Wenke Lee,

Philip K. Chan,

Wei Fan,

Eleazar EskinAuthors Info & Claims

ACM SIGMOD Record, Volume 30, Issue 4

Pages 5 - 14

https://doi.org/10.1145/604264.604267

Published: 01 December 2001 Publication History

Get Access

References

[1]

1. Wenke Lee and Dong Xiang, Information-Theoretic Measures for Anomaly Detection, The 2001 IEEE Symposium on Security and Privacy, Oakland, CA, May 2001.]]

Digital Library

Google Scholar

[2]

2. J. B. D. Cabrera, L. Lewis, X. Qin, Wenke Lee, Ravi Prasanth, B. Ravichandran, and Raman Mehra, Proactive Detection of Distributed Denial of Service Attacks Using MIB Traffic Variables - A Feasibility Study, The Seventh IFIP/IEEE International Symposium on Integrated Network Management (IM 2001), Seattle, WA, May 2001.]]

Google Scholar

[3]

3. Wenke Lee, Rahul Nimbalkar, Kam Yee, Sunil Patil, Pragnesh Desai, Thuan Tran, and Sal Stolfo, A Data Mining and CIDF Based Approach for Detecting Novel and Distributed Intrusions In Proceedings of The Third International Workshop on Recent Advances in Intrusion Detection (RAID 2000), Lecture Notes in Computer Science No. 1907, Toulouse, France, October 2000.]]

Digital Library

Google Scholar

[4]

4. Eleazar Eskin, Wenke Lee and Salvatore J. Stolfo. "Modeling System Calls for Intrusion Detection with Dynamic Window Sizes." Proceedings of DISCEX II. June 2001.]]

Google Scholar

[5]

5. Wenke Lee, Salvatore J. Stolfo, Philip K. Chan, Eleazar Eskin, Wei Fan, Matthew Miller, Shlomo Hershkop and Junxin Zhang. "Real Time Data Mining-based Intrusion Detection.", Proceedings of DISCEX II. June 2001.]]

Google Scholar

[6]

6. Matthew G. Schultz, Eleazar Eskin, and Salvatore J. Stolfo. "Malicious Email Filter - A UNIX Mail Filter that Detects Malicious Windows Executables." Proceedings of USENIX Annual Technical Conference - FREENIX Track. Boston, MA: June 2001.]]

Digital Library

Google Scholar

[7]

7. Matthew G. Schultz, Eleazar Eskin, Erez Zadok, and Salvatore J. Stolfo. "Data Mining Methods for Detection of New Malicious Executables" Proceedings of IEEE Symposium on Security and Privacy. Oakland, CA: May 2001.]]

Digital Library

Google Scholar

[8]

8. Leonid Portnoy. "Intrusion Detection with Unlabeled Data using Clustering" Undergraduate Thesis. Columbia University: December, 2000.]]

Google Scholar

[9]

9. Eleazar Eskin, Matthew Miller, Zhi-Da Zhong, George Yi, Wei-Ang Lee, Sal Stolfo. "Adaptive Model Generation for Intrusion Detection Systems" Workshop on Intrusion Detection and Prevention, 7th ACM Conference on Computer Security, Athens, GR: November, 2000.]]

Google Scholar

[10]

10. Wenke Lee, Wei Fan, Matthew Miller, Sal Stolfo, and Erez Zadok. "Toward Cost-Sensitive Modeling for Intrusion Detection and Response" Workshop on Intrusion Detection and Prevention, 7th ACM Conference on Computer Security, Athens, GR: November, 2000.]]

Google Scholar

[11]

11. Eskin, Eleazar. "Anomaly Detection over Noisy Data using Learned Probability Distributions" ICML00, Palo Alto, CA: July, 2000.]]

Digital Library

Google Scholar

[12]

12. Wei Fan, Wenke Lee, Sal Stolfo, and Matthew Miller. "A Multiple Model Cost-Sensitive Approach for Intrusion Detection", Eleventh European Conference on Machine Learning (ECML '00) 2000.]]

Digital Library

Google Scholar

[13]

13. Sal Stolfo, Wei Fan, Wenke Lee, Andreas Prodromidis, and Phil Chan. "Cost-based Modeling for Fraud and Intrusion Detection: Results from the JAM Project" In Proceedings of the 2000 DARPA Information Survivability Conference and Exposition (DISCEX '00), 2000.]]

Google Scholar

[14]

14. Wenke Lee, Matthew Miller, Sal Stolfo, Kahil Jallad, Christoper Park, Erez Zadok, and Vijay Prabhakar. "Toward Cost-Sensitive Modeling for Intrusion Detection" Columbia University Computer Science Technical Report CUCS-002-00.]]

Google Scholar

[15]

15. Matthew Miller. "Learning Cost-Sensitive Classification Rules for Network Intrusion Detection using RIPPER" Columbia University Computer Science Technical Report CUCS-035-1999.]]

Google Scholar

[16]

16. Wenke Lee, Sal Stolfo, and Kui Mok. "Mining in a Data-flow Environment: Experience in Network Intrusion Detection" In Proceedings of the 5th ACM SIGKDD International Conference on Knowledge Discovery & Data Mining (KDD '99), San Diego, CA, August, 1999.]]

Digital Library

Google Scholar

[17]

17. Wenke Lee, Sal Stolfo, and Kui Mok. "A Data Mining Framework for Building Intrusion Detection Models" In Proceedings of the 1999 IEEE Symposium on Security and Privacy, Oakland, CA, May 1999.]]

Google Scholar

[18]

18. Wenke Lee, Chris Park, and Sal Stolfo. "Towards Automatic Intrusion Detection using NFR" In Proceedings of the 1st USENIX Workshop on Intrusion Detection and Network Monitoring, April 1999.]]

Digital Library

Google Scholar

[19]

19. Wenke Lee, Sal Stolfo, and Kui Mok. "Mining Audit Data to Build Intrusion Detection Models", In Proceedings of the Fourth International Conference on Knowledge Discovery and Data Mining (KDD '98), New York, NY, August 1998.]]

Google Scholar

[20]

20. Wenke Lee and Sal Stolfo. "Data Mining Approaches for Intrusion Detection" In Proceedings of the Seventh USENIX Security Symposium (SECURITY '98), San Antonio, TX, January 1998.]]

Digital Library

Google Scholar

[21]

21. Wenke Lee, Sal Stolfo, and Phil Chan. "Learning Patterns from Unix Process Execution Traces for Intrusion Detection", AAAI Workshop: Al Approaches to Fraud Detection and Risk Management, July 1997.]]

Google Scholar

[22]

1. Cost Complexity-based Pruning of Ensemble Classifiers, (with A. Prodromidis), Journal on Distributed and Parallel KDD, Special Issue on Knowledge and Information Systems, 2000.]]

Google Scholar

[23]

2. A Framework for Constructing Features and Models for Intrusion Detection Systems, (with W. Lee), ACM Transactions on Information and System Security, TISSEC, Vol 3, No. 4, November, 2000.]]

Digital Library

Google Scholar

[24]

3. Distributed Data Mining in Credit Card Fraud Detection, (with P. Chan, W. Fan, A. Prodromidis), IEEE Intelligent Systems, Vol. 14, No. 6, 1999.]]

Digital Library

Google Scholar

[25]

4. Adaptive Intrusion Detection: a Data Mining Approach, (with W. Lee and K. Mok), Artificial Intelligence Review, Volume 14, No. 6, Kluwer Academic Publishers, 2000, pp. 533-567.]]

Digital Library

Google Scholar

[26]

5. Wenke Lee, Wei Fan, Matthew Miller, Sal Stolfo, and Erez Zadok. "Toward Cost-Sensitive Modeling for Intrusion Detection and Response" Journal of Computer Security, (to appear), 2002.]]

Digital Library

Google Scholar

[27]

1. Philip Chan, An Extensible Meta-Learning Approach for Scalable and Accurate Inductive Learning, 1996. (Asst. Professor Florida Institute of Technology)]]

Digital Library

Google Scholar

[28]

2. Andreas Prodromidis, Efficiency and Scalability of Distributed Data Mining, Pruning and Bridging Multiple Models September 1999. (Director of Research iPrivacy LLC)]]

Google Scholar

[29]

3. Wenke Lee, A Data Mining Framework for Constructing Features and Models for Intrusion Detection Systems, June, 1999. (Asst. Professor, Georgia Tech).]]

Digital Library

Google Scholar

[30]

4. Dave (Wei) Fan, Cost-sensitive, Scaleable AdaptiveLlearning. May 2001, (Member of the research staff at IBM research)]]

Google Scholar

Cited By

View all

Manoharan GDharmaraj ASheela SNaidu KChavva MChaudhary J(2024)Machine Learning-Based Real-Time Fraud Detection in Financial Transactions2024 International Conference on Advances in Computing, Communication and Applied Informatics (ACCAI)10.1109/ACCAI61061.2024.10602350(1-6)Online publication date: 9-May-2024
https://doi.org/10.1109/ACCAI61061.2024.10602350
Sivanantham SMohanraj VSuresh YSenthilkumar J(2023)Association Rule Mining Frequent-Pattern-Based Intrusion Detection in NetworkComputer Systems Science and Engineering10.32604/csse.2023.02589344:2(1617-1631)Online publication date: 2023
https://doi.org/10.32604/csse.2023.025893
Wang ZShao LCheng KLiu YJiang JNie YLi XKuang X(2022)ICDFInternational Journal of Intelligent Systems10.1002/int.2287737:10(7180-7199)Online publication date: 25-Aug-2022
https://dl.acm.org/doi/10.1002/int.22877
Show More Cited By

Index Terms

Data mining-based intrusion detectors: an overview of the columbia IDS project

Recommendations

An alert data mining framework for network-based intrusion detection system
WISA'05: Proceedings of the 6th international conference on Information Security Applications

Intrusion detection techniques have been developed to protect computer and network systems against malicious attacks. However, there are no perfect intrusion detection systems or mechanisms, because it is impossible for the intrusion detection systems ...
Data mining-based intrusion detectors

With popularization of internet, internet attack cases are increasing, and attack methods differs each day, thus information safety problem has became a significant issue all over the world. Nowadays, it is an urgent need to detect, identify and hold up ...
Testing malware detectors
ISSTA '04: Proceedings of the 2004 ACM SIGSOFT international symposium on Software testing and analysis

In today's interconnected world, malware, such as worms and viruses, can cause havoc. A malware detector (commonly known as virus scanner) attempts to identify malware. In spite of the importance of malware detectors, there is a dearth of testing ...

Comments

Information & Contributors

Information

Published In

ACM SIGMOD Record Volume 30, Issue 4

December 2001

104 pages

ISSN:0163-5808

DOI:10.1145/604264

Issue’s Table of Contents

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 01 December 2001

Published in SIGMOD Volume 30, Issue 4

Check for updates

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

59
Total Citations
View Citations
3,055
Total Downloads

Downloads (Last 12 months)46
Downloads (Last 6 weeks)2

Reflects downloads up to 30 Aug 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Manoharan GDharmaraj ASheela SNaidu KChavva MChaudhary J(2024)Machine Learning-Based Real-Time Fraud Detection in Financial Transactions2024 International Conference on Advances in Computing, Communication and Applied Informatics (ACCAI)10.1109/ACCAI61061.2024.10602350(1-6)Online publication date: 9-May-2024
https://doi.org/10.1109/ACCAI61061.2024.10602350
Sivanantham SMohanraj VSuresh YSenthilkumar J(2023)Association Rule Mining Frequent-Pattern-Based Intrusion Detection in NetworkComputer Systems Science and Engineering10.32604/csse.2023.02589344:2(1617-1631)Online publication date: 2023
https://doi.org/10.32604/csse.2023.025893
Wang ZShao LCheng KLiu YJiang JNie YLi XKuang X(2022)ICDFInternational Journal of Intelligent Systems10.1002/int.2287737:10(7180-7199)Online publication date: 25-Aug-2022
https://dl.acm.org/doi/10.1002/int.22877
Sheppard J(2021)A Partial Approach to Intrusion DetectionDigital Forensics and Cyber Crime10.1007/978-3-030-68734-2_5(78-97)Online publication date: 7-Feb-2021
https://doi.org/10.1007/978-3-030-68734-2_5
Fassihi FGhaffari R(2020)Intelligent Systemic/Systematic Innovation and Its Role in Delivering Improvement and Change in the Design of Mission Critical SystemsHarnessing Knowledge, Innovation and Competence in Engineering of Mission Critical Systems10.5772/intechopen.89840Online publication date: 4-Mar-2020
https://doi.org/10.5772/intechopen.89840
Li JCao WHuang J(2020)An intrusion detection algorithm based on data streams mining and cognitive computingJournal of Ambient Intelligence and Humanized Computing10.1007/s12652-020-02543-5Online publication date: 16-Sep-2020
https://doi.org/10.1007/s12652-020-02543-5
Roopa Devi ESuganthe R(2019)Improved Relevance Vector Machine (IRVM) classifier for Intrusion Detection SystemSoft Computing - A Fusion of Foundations, Methodologies and Applications10.1007/s00500-018-3621-z23:19(9111-9119)Online publication date: 1-Oct-2019
https://dl.acm.org/doi/10.1007/s00500-018-3621-z
Hu JYang HLyu MKing IMan-Cho So A(2018)Online Nonlinear AUC Maximization for Imbalanced Data SetsIEEE Transactions on Neural Networks and Learning Systems10.1109/TNNLS.2016.261046529:4(882-895)Online publication date: Apr-2018
https://doi.org/10.1109/TNNLS.2016.2610465
Mishra VDsouza JElizabeth L(2018)Analysis and Comparison of Process Mining Algorithms with Application of Process Mining in Intrusion Detection System2018 7th International Conference on Reliability, Infocom Technologies and Optimization (Trends and Future Directions) (ICRITO)10.1109/ICRITO.2018.8748748(613-617)Online publication date: Aug-2018
https://doi.org/10.1109/ICRITO.2018.8748748
Lu HCui XWang LJiang YCui M(2018)The Research on Security Audit for Information System Classified ProtectionCloud Computing and Security10.1007/978-3-030-00009-7_28(300-308)Online publication date: 21-Sep-2018
https://doi.org/10.1007/978-3-030-00009-7_28
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

An alert data mining framework for network-based intrusion detection system