ADAM
- 1 December 2001
- journal article
- Published by Association for Computing Machinery (ACM) in ACM SIGMOD Record
- Vol. 30 (4) , 15-24
- https://doi.org/10.1145/604264.604268
Abstract
Intrusion detection systems have traditionally been based on the characterization of an attack and the tracking of the activity on the system to see if it matches that characterization. Recently, new intrusion detection systems based on data mining are making their appearance in the field. This paper describes the design and experiences with the ADAM (Audit Data Analysis and Mining) system, which we use as a testbed to study how useful data mining techniques can be in intrusion detection.Keywords
This publication has 4 references indexed in Scilit:
- Detecting Novel Network Intrusions Using Bayes EstimatorsPublished by Society for Industrial & Applied Mathematics (SIAM) ,2001
- Fast Effective Rule InductionPublished by Elsevier ,1995
- Mining association rules between sets of items in large databasesPublished by Association for Computing Machinery (ACM) ,1993
- An Intrusion-Detection ModelIEEE Transactions on Software Engineering, 1987