Detecting Computer and Network Misuse through the Production-based Expert System Toolset (P-BEST)

  title={Detecting Computer and Network Misuse through the Production-based Expert System Toolset (P-BEST)},
  author={Ulf Lindqvist and Phillip A. Porras},
  booktitle={IEEE Symposium on Security and Privacy},
This paper describes an expert system development toolset called the Production-Based Expert System Toolset (P-BEST) and how it is employed in the development of a modern generic signature-analysis engine for computer and network misuse detection. For more than a decade, earlier versions of P-BEST have been used in intrusion detection research and in the development of some of the most wellknown intrusion detection systems, but this is the first time the principles and language of P-BEST are… CONTINUE READING
Highly Influential
This paper has highly influenced 19 other papers. REVIEW HIGHLY INFLUENTIAL CITATIONS
Highly Cited
This paper has 323 citations. REVIEW CITATIONS


Publications citing this paper.

324 Citations

Citations per Year
Semantic Scholar estimates that this publication has 324 citations based on the available data.

See our FAQ for additional information.


Publications referenced by this paper.
Showing 1-10 of 17 references

Expert systems in intrusion detection: A case study

  • M. M. Sebring, E. Shellhouse, M. E. Hanna, R. A. Whitehurst
  • In Proceedings of the 11th National Computer…
  • 1988
Highly Influential
11 Excerpts

Knowledge-based intrusion detection

  • T. F. Lunt, R. Jagannathan, R. Lee, A. Whitehurst, S. Listgarten
  • Proceedings of the Annual AI Systems in…
  • 1989
Highly Influential
11 Excerpts

Similar Papers

Loading similar papers…