Most current anomaly Intrusion Detection Systems (IDSs) detect computer network behavior as normal or abnormal but cannot identify the type of attacks. Moreover, most current intr...
Abstract. In this paper, we propose a new unsupervised anomaly detection framework for detecting network intrusions online. The framework consists of new anomalousness metrics name...
Traditional intrusion detection systems (IDS) detect attacks by comparing current behavior to signatures of known attacks. One main drawback is the inability of detecting new atta...
We have been developing a data mining (i.e., knowledge discovery) framework, MADAM ID, for Mining Audit Data for Automated Models for Intrusion Detection [LSM98, LSM99b, LSM99a]. ...