Specification-based anomaly detection: a new approach for detecting network intrusions

@inproceedings{Sekar2002SpecificationbasedAD,
  title={Specification-based anomaly detection: a new approach for detecting network intrusions},
  author={Raju Sekar and Ajay Gupta and J. Frullo and T. Shanbhag and A. Tiwari and Hongxiong Yang and S. Zhou},
  booktitle={ACM Conference on Computer and Communications Security},
  year={2002}
}
Unlike signature or misuse based intrusion detection techniques, anomaly detection is capable of detecting novel attacks. However, the use of anomaly detection in practice is hampered by a high rate of false alarms. Specification-based techniques have been shown to produce a low rate of false alarms, but are not as effective as anomaly detection in detecting novel attacks, especially when it comes to network probing and denial-of-service attacks. This paper presents a new approach that combines…

Citations

Publications citing this paper.
SHOWING 1-10 OF 281 CITATIONS

Danger Theory Concepts Improving Malware Detection of Intrusion Detection Systems That Uses Exact Graphs

  • 2015 International Conference on Computational Science and Computational Intelligence (CSCI)
  • 2015
CITES BACKGROUND & METHODS
HIGHLY INFLUENCED

Sequence-aware Intrusion Detection in Industrial Control Systems

CITES METHODS & BACKGROUND
HIGHLY INFLUENCED

A hybrid approach for database intrusion detection at transaction and inter-transaction levels

  • 2014 6th Conference on Information and Knowledge Technology (IKT)
  • 2014
HIGHLY INFLUENCED

Database intrusion detection system for detecting malicious behaviors in transaction and inter-transaction levels

  • 7'th International Symposium on Telecommunications (IST'2014)
  • 2014
CITES BACKGROUND & METHODS
HIGHLY INFLUENCED

Stateful discovery of attack manifestations on networks and systems

CITES BACKGROUND & METHODS
HIGHLY INFLUENCED

Sequential anomaly detection based on temporal-difference learning: Principles, models and case studies

  • Appl. Soft Comput.
  • 2010
CITES BACKGROUND & METHODS
HIGHLY INFLUENCED

A New Generic Taxonomy on Hybrid Malware Detection Technique

  • ArXiv
  • 2009
CITES BACKGROUND & METHODS
HIGHLY INFLUENCED

CITATION STATISTICS

  • 14 Highly Influenced Citations

  • Averaged 10 Citations per year from 2017 through 2019
