Open Access
Data mining for security
Kenji Yamanishi, Junnichi Takeuchi, Yuko Maruyama +2 more
- 01 Dec 2005
- Vol. 2, Iss: 1, pp 63-69
10
TL;DR: SmartSifter, ChangeFinder, and AccessTracer are introduced, which are able to learn statistical patterns of logs adaptively and to detect intrusions as statistical anomalies relative to the learned patterns.
Abstract: It becomes increasingly important to detect intrusions with unknown patterns in order to protect our business from cyber terrorism threats. This paper introduces data mining technologies designed for this purpose: SmartSifter (outlier detection engine), ChangeFinder (change-point detection engine), and AccessTracer (anomalous behavior detection engine). All of them are able to learn statistical patterns of logs adaptively and to detect intrusions as statistical anomalies relative to the learned patterns. We briefly overview the principles of these engines and illustrate their applications to network intrusion detection, worm detection, and masquerader detection.
Citations
Analyzing Malware Log Data to Support Security Information and Event Management: Some Research Results
Roland Gabriel, Tobias Hoppe, Alexander Pastwa, Sebastian Sowa +3 more
- 01 Mar 2009
TL;DR: This paper demonstrates in the context of a project case study that data mining (DM) is a well suited approach to detect hidden patterns in malware data and thus to support SIEM.
32
Implementation of Machine Learning and Data Mining to Improve Cybersecurity and Limit Vulnerabilities to Cyber Attacks
Mohamed Alloghani, Dhiya Al-Jumeily, Abir Hussain, Jamila Mustafina, Thar Baker, Ahmed J. Aljaaf +6 more
- 01 Jan 2020
TL;DR: The findings of the study suggest that Neural Network is the best performing algorithm, and the model suggests that inclusion of an IP address in the domain name, longer URL, use of URL shortening services, and inclusion of the “@” symbol in the URL are the leading features of phishing websites.
31
Vulnerability Database as a Service for IoT
Mark Nerwich, Praveen Gauravaram, Hye-Young Paik, Surya Nepal +3 more
- 12 Nov 2020
TL;DR: In this paper, the authors present a community-driven, IoT-specific database which documents the vulnerabilities and attacks on IoT infrastructures and provides a suite of data access APIs for integration with other applications, such as Integrated Development Environment (IDE) or security tools.
6
A Survey on Cluster Based Outlier Detection Techniques in Data Stream
S. Anitha, Mary Metilda +1 more
TL;DR: This survey presents an overview of fundamental outlier detection approaches and various types of outlier detection methods in data streams.
5
Masquerader detection in mobile context based on behaviour and environment monitoring
Oleksiy Mazhelis
- 01 Jan 2007
TL;DR: A conceptual basis for differentiating between the legitimate user of the terminal and other individuals by analysing the information about user behaviour and environment is developed and the practical issue of applying it to the problem of mobile-masquerader detection is addressed.
4
References
On-Line Unsupervised Outlier Detection Using Finite Mixtures with Discounting Learning Algorithms
TL;DR: An experimental application to network intrusion detection shows that SmartSifter was able to identify data with high scores that corresponded to attacks, with low computational costs.
672
On-line unsupervised outlier detection using finite mixtures with discounting learning algorithms
Kenji Yamanishi, Jun'ichi Takeuchi, Graham J. Williams, Peter A. Milne +3 more
- 01 Aug 2000
TL;DR: An experimental application to network intrusion detection shows that SmartSifter was able to identify data with high scores that corresponded to attacks, with low computational costs.
A unifying framework for detecting outliers and change points from non-stationary time series data
Kenji Yamanishi, Jun'ichi Takeuchi +1 more
- 23 Jul 2002
TL;DR: An efficient algorithm for on-line discounting learning of auto-regression models from time series data is presented, and the validity of the framework is demonstrated through simulation and experimental applications to stock market data analysis.
338
Masquerade detection using truncated command lines
Roy A. Maxion, T.N. Townsend +1 more
- 23 Jun 2002
TL;DR: This paper takes as its point of departure a recent series of experiments framed by Schonlau et al. (2001), and extends that work with a new classification algorithm, achieving a 56% improvement in masquerade detection at a corresponding false-alarm rate of 1.3%.
•Proceedings Article
Detecting Cellular Fraud Using Adaptive Prototypes.
Peter Burge, John Shawe-Taylor +1 more
- 01 Jan 1997
TL;DR: Using a recurrent neural network technique, prototypes are uniformly distributed over Toll Tickets to form statistical behaviour profiles covering both the short and long-term past to be prepared for the would-be fraudster for both GSM and UMTS.
Related Papers (5)
Kamini Maheshwar, Divakar Singh +1 more
- 01 Jan 2013
Rahul Madhukar Chinchore, S. S Sambare +1 more
- 11 Jan 2013