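% IDAACS 2003 workshop paper describing a light-weight, state-driven,
% anomaly-based network IDS model: DoS/DDoS-style stream anomalies are
% detected first, then the filtered states are batch-mined for unacceptable
% command strings or known attack signatures (summary taken from the abstract).
% The former "series" field only repeated the proceedings title, so its fuller
% wording now lives in "booktitle".
@inproceedings{eda345aacef9454884d2e99d4c259c72,
  author    = {Sengupta, S. and Andriamanalimanana, B. and Card, S. W. and Kadam, P. and Ranwadkar, S. and Das, K. and Parikh, S.},
  title     = {Towards data mining temporal patterns for anomaly intrusion detection systems},
  booktitle = {Proceedings of the 2nd {IEEE} International Workshop on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications, {IDAACS} 2003},
  pages     = {205--209},
  publisher = {Institute of Electrical and Electronics Engineers Inc.},
  year      = {2003},
  doi       = {10.1109/IDAACS.2003.1249550},
  language  = {English},
  keywords  = {Data mining, Event detection, Information resources, Information technology, Internet, Intrusion detection, Monitoring, Protection, Telecommunication traffic, Traffic control},
  abstract  = {A reasonably light-weight host and net-centric network IDS architecture model is indicated. The model is anomaly based on a state-driven notion of ``anomaly''. Therefore, the relevant distribution function need not remain constant; it could migrate from states to states without any a priori warning so long as its residency time at a next steady state is sufficiently long to make valid observations there. Only those intrusion events (basically DOS and DDOS variety) capable of triggering anomalous streams of attacks/response both near and/or far of target monitoring point(s) are considered at the first level of detection. At the next level of detection, the filtered states could be fine-combed in a batch mode to mine unacceptable strings of commands or known attack signatures.},
  note      = {Publisher Copyright: {\textcopyright} 2003 IEEE. 2nd IEEE International Workshop on Intelligent Data Acquisition and Advanced Computing Systems, IDAACS 2003. Conference date: 08-09-2003 through 10-09-2003},
}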