Show simple item record

dc.contributor.advisor: Chan, Philip K.
dc.contributor.author: Tandon, Gaurav
dc.contributor.author: Chan, Philip K.
dc.date.accessioned: 2013-11-14T18:35:58Z
dc.date.available: 2013-11-14T18:35:58Z
dc.date.issued: 2007-01-19
dc.identifier.citation: Tandon, G., Chan, P.K. (2007). Detecting anomalies by weighted rules (CS-2007-01). Melbourne, FL. Florida Institute of Technology. [en_US]
dc.identifier.other: CS-2007-01
dc.identifier.uri: http://hdl.handle.net/11141/168
dc.description.abstract: Anomaly detection focuses on modeling the normal behavior and identifying significant deviations, which could be novel attacks. The previously proposed LERAD algorithm can efficiently learn a succinct set of comprehensible rules for detecting anomalies. We conjecture that LERAD eliminates rules with possibly high coverage, which can lead to missed detections. This study proposes weights that approximate rule confidence and are learned incrementally. We evaluate our algorithm on various network and host datasets. Compared to LERAD, our technique detects more attacks at low false alarm rates with minimal computational overhead. [en_US]
dc.language.iso: en_US [en_US]
dc.rights: Copyright held by authors. [en_US]
dc.title: Detecting anomalies by weighted rules [en_US]
dc.type: Technical Report [en_US]

