Automatically assigned DDC number: 00633
Manually assigned DDC number: 006312
Number of references: 8
Title: The Use of Information Retrieval Techniques for Intrusion Detection
Author:
Author:
Subject: Ross Anderson,Abida Khattak The Use of Information Retrieval Techniques for Intrusion Detection
Description: Intrusion detection is a broad problem, and we need a greater range of tools than is currently available. In this article, we report a new approach. We have applied information retrieval techniques to index audit trails. These indexes can be extremely efficient at detecting attacks whose signature is an unusual combination of events, and they may consume only a very small additional amount of storage. This approach allows the intrusion detection community to adopt a wide range of techniques developed in applications ranging from library science to web search engines.
Contributor: The Pennsylvania State University CiteSeer Archives
Publisher: unknown
Date: 1998-07-27
Pubyear: 1997
Format: ps
Identifier: http://citeseer.ist.psu.edu/149044.html
Source: http://www.cl.cam.ac.uk/ftp/users/rja14/raid.ps.gz
Language: en
Relation:
Relation:
Relation:
Relation:
Relation:
Relation:
Relation:
Relation:
Rights: unrestricted
<?xml version="1.0" encoding="UTF-8"?>
<references_metadata>
<rec ID="/264966.html" Type="incollection" CiteSeer_Book="William Stallings Practical Cryptography for Data Internetworks IEEE Computer Society Press 1996" CiteSeer_Volume="" Title="Why Cryptosystems Fail, from Communications of the {ACM}, November, 1994," />
<rec ID="/295.html" Type="inproceedings" CiteSeer_Book="Proceedings of the 1994 IEEE Symposium on Research in Security and Privacy" CiteSeer_Volume="" Title="Self-Nonself Discrimination in a Computer,">
<identifier Org="ISBN:030909612X" Paper_ID="/295.html" Extracted="030909612X" DDC="570.285" Normalized_DDC="570285" Normalized_Weight="0.058823529411764705" />
<identifier Org="ISBN:0309103959" Paper_ID="/295.html" Extracted="0309103959" DDC="005.8" Normalized_DDC="0058" Normalized_Weight="0.058823529411764705" />
<identifier Org="ISBN:0780335279" Paper_ID="/295.html" Extracted="0780335279" />
<identifier Org="ISBN:0818656778" Paper_ID="/295.html" Extracted="0818656778" />
<identifier Org="ISBN:0818675225" Paper_ID="/295.html" Extracted="0818675225" />
<identifier Org="ISBN:1420065459" Paper_ID="/295.html" Extracted="1420065459" DDC="006.3" Normalized_DDC="0063" Normalized_Weight="0.058823529411764705" />
<identifier Org="ISBN:1852335947" Paper_ID="/295.html" Extracted="1852335947" DDC="006.3" Normalized_DDC="0063" Normalized_Weight="0.058823529411764705" />
<identifier Org="ISBN:3540221158" Paper_ID="/295.html" Extracted="3540221158" DDC="004" Normalized_DDC="004" Normalized_Weight="0.058823529411764705" />
<identifier Org="ISBN:3540223444" Paper_ID="/295.html" Extracted="3540223444" DDC="006.31" Normalized_DDC="00631" Normalized_Weight="0.058823529411764705" />
<identifier Org="ISBN:3540230971" Paper_ID="/295.html" Extracted="3540230971" DDC="006.3" Normalized_DDC="0063" Normalized_Weight="0.058823529411764705" />
<identifier Org="ISBN:3540233393" Paper_ID="/295.html" Extracted="3540233393" DDC="003/.54" Normalized_DDC="00354" Normalized_Weight="0.058823529411764705" />
<identifier Org="ISBN:3540260099" Paper_ID="/295.html" Extracted="3540260099" DDC="003" Normalized_DDC="003" Normalized_Weight="0.058823529411764705" />
<identifier Org="ISBN:3540283250" Paper_ID="/295.html" Extracted="3540283250" DDC="006.3/2" Normalized_DDC="00632" Normalized_Weight="0.058823529411764705" />
<identifier Org="ISBN:354033520X" Paper_ID="/295.html" Extracted="354033520X" DDC="006.3/3" Normalized_DDC="00633" Normalized_Weight="0.058823529411764705" />
<identifier Org="ISBN:3540406026" Paper_ID="/295.html" Extracted="3540406026" DDC="006.3/1" Normalized_DDC="00631" Normalized_Weight="0.058823529411764705" />
<identifier Org="ISBN:3540407669" Paper_ID="/295.html" Extracted="3540407669" DDC="006.3" Normalized_DDC="0063" Normalized_Weight="0.058823529411764705" />
<identifier Org="ISBN:354042671X" Paper_ID="/295.html" Extracted="354042671X" DDC="005.1" Normalized_DDC="0051" Normalized_Weight="0.058823529411764705" />
<identifier Org="ISBN:3540673385" Paper_ID="/295.html" Extracted="3540673385" DDC="004.22" Normalized_DDC="00422" Normalized_Weight="0.058823529411764705" />
<identifier Org="ISBN:3540739211" Paper_ID="/295.html" Extracted="3540739211" DDC="006.3" Normalized_DDC="0063" Normalized_Weight="0.058823529411764705" />
<identifier Org="ISBN:3540747680" Paper_ID="/295.html" Extracted="3540747680" DDC="006.3" Normalized_DDC="0063" Normalized_Weight="0.058823529411764705" />
</rec>
<rec ID="/7692.html" Type="inproceedings" CiteSeer_Book="Proceedinges of the 1996 IEEE Symposium on Research in Security and Privacy" CiteSeer_Volume="" Title="A Sense of Self for {U}nix Processes," />
<rec ID="/176306.html" Type="inproceedings" CiteSeer_Book="Proceedings of the 1993 IEEE Symposium on Research in Security and Privacy" CiteSeer_Volume="" Title="{USTAT}: {A} Real-Time Intrusion Detection System for {UNIX},">
<identifier Org="ISBN:0300064837" Paper_ID="/176306.html" Extracted="0300064837" DDC="345.73/05" Normalized_DDC="3457305" Normalized_Weight="0.058823529411764705" />
<identifier Org="ISBN:0387280405" Paper_ID="/176306.html" Extracted="0387280405" DDC="621.382" Normalized_DDC="621382" Normalized_Weight="0.058823529411764705" />
<identifier Org="ISBN:0387342230" Paper_ID="/176306.html" Extracted="0387342230" DDC="006.3" Normalized_DDC="0063" Normalized_Weight="0.058823529411764705" />
<identifier Org="ISBN:0387485325" Paper_ID="/176306.html" Extracted="0387485325" DDC="005.8" Normalized_DDC="0058" Normalized_Weight="0.058823529411764705" />
<identifier Org="ISBN:0792378482" Paper_ID="/176306.html" Extracted="0792378482" DDC="005.8" Normalized_DDC="0058" Normalized_Weight="0.058823529411764705" />
<identifier Org="ISBN:0818633700" Paper_ID="/176306.html" Extracted="0818633700" />
<identifier Org="ISBN:1402070543" Paper_ID="/176306.html" Extracted="1402070543" DDC="006.3" Normalized_DDC="0063" Normalized_Weight="0.058823529411764705" />
<identifier Org="ISBN:140207624X" Paper_ID="/176306.html" Extracted="140207624X" DDC="005.8" Normalized_DDC="0058" Normalized_Weight="0.058823529411764705" />
<identifier Org="ISBN:1578701856" Paper_ID="/176306.html" Extracted="1578701856" DDC="005.8" Normalized_DDC="0058" Normalized_Weight="0.058823529411764705" />
<identifier Org="ISBN:1586032542" Paper_ID="/176306.html" Extracted="1586032542" />
<identifier Org="ISBN:1586037803" Paper_ID="/176306.html" Extracted="1586037803" DDC="006.3" Normalized_DDC="0063" Normalized_Weight="0.058823529411764705" />
<identifier Org="ISBN:1591406404" Paper_ID="/176306.html" Extracted="1591406404" DDC="363.32/0285" Normalized_DDC="363320285" Normalized_Weight="0.058823529411764705" />
<identifier Org="ISBN:159454316X" Paper_ID="/176306.html" Extracted="159454316X" DDC="005.8" Normalized_DDC="0058" Normalized_Weight="0.058823529411764705" />
<identifier Org="ISBN:1599040905" Paper_ID="/176306.html" Extracted="1599040905" DDC="005.8" Normalized_DDC="0058" Normalized_Weight="0.058823529411764705" />
<identifier Org="ISBN:1931695369" Paper_ID="/176306.html" Extracted="1931695369" />
<identifier Org="ISBN:3540205896" Paper_ID="/176306.html" Extracted="3540205896" DDC="006.3" Normalized_DDC="0063" Normalized_Weight="0.058823529411764705" />
<identifier Org="ISBN:3540298304" Paper_ID="/176306.html" Extracted="3540298304" DDC="511.3/22" Normalized_DDC="511322" Normalized_Weight="0.058823529411764705" />
<identifier Org="ISBN:3540298495" Paper_ID="/176306.html" Extracted="3540298495" DDC="621.392" Normalized_DDC="621392" Normalized_Weight="0.058823529411764705" />
<identifier Org="ISBN:3540427023" Paper_ID="/176306.html" Extracted="3540427023" DDC="005.8" Normalized_DDC="0058" Normalized_Weight="0.058823529411764705" />
<identifier Org="ISBN:3540715487" Paper_ID="/176306.html" Extracted="3540715487" DDC="006.3/3" Normalized_DDC="00633" Normalized_Weight="0.058823529411764705" />
</rec>
<rec ID="/95360.html" Type="article" CiteSeer_Book="Software Engineering" CiteSeer_Volume="21" Title="State Transition Analysis: A Rule-Based Intrusion Detection Approach,">
<identifier Org="ISBN:0300064837" Paper_ID="/95360.html" Extracted="0300064837" DDC="345.73/05" Normalized_DDC="3457305" Normalized_Weight="0.05555555555555555" />
<identifier Org="ISBN:0387021086" Paper_ID="/95360.html" Extracted="0387021086" DDC="629.8" Normalized_DDC="6298" Normalized_Weight="0.05555555555555555" />
<identifier Org="ISBN:0387242260" Paper_ID="/95360.html" Extracted="0387242260" DDC="305.8" Normalized_DDC="3058" Normalized_Weight="0.05555555555555555" />
<identifier Org="ISBN:0471222011" Paper_ID="/95360.html" Extracted="0471222011" DDC="004.67/8/03" Normalized_DDC="00467803" Normalized_Weight="0.05555555555555555" />
<identifier Org="ISBN:0471222046" Paper_ID="/95360.html" Extracted="0471222046" DDC="004.67/8/03" Normalized_DDC="00467803" Normalized_Weight="0.05555555555555555" />
<identifier Org="ISBN:0792378482" Paper_ID="/95360.html" Extracted="0792378482" DDC="005.8" Normalized_DDC="0058" Normalized_Weight="0.05555555555555555" />
<identifier Org="ISBN:0818631155" Paper_ID="/95360.html" Extracted="0818631155" DDC="005.8" Normalized_DDC="0058" Normalized_Weight="0.05555555555555555" />
<identifier Org="ISBN:140207624X" Paper_ID="/95360.html" Extracted="140207624X" DDC="005.8" Normalized_DDC="0058" Normalized_Weight="0.05555555555555555" />
<identifier Org="ISBN:1591403464" Paper_ID="/95360.html" Extracted="1591403464" DDC="658.4/78" Normalized_DDC="658478" Normalized_Weight="0.05555555555555555" />
<identifier Org="ISBN:1599049430" Paper_ID="/95360.html" Extracted="1599049430" DDC="658.8/72" Normalized_DDC="658872" Normalized_Weight="0.05555555555555555" />
<identifier Org="ISBN:1931695369" Paper_ID="/95360.html" Extracted="1931695369" />
<identifier Org="ISBN:1931695415" Paper_ID="/95360.html" Extracted="1931695415" />
<identifier Org="ISBN:3540202374" Paper_ID="/95360.html" Extracted="3540202374" DDC="006.3" Normalized_DDC="0063" Normalized_Weight="0.05555555555555555" />
<identifier Org="ISBN:3540298304" Paper_ID="/95360.html" Extracted="3540298304" DDC="511.3/22" Normalized_DDC="511322" Normalized_Weight="0.05555555555555555" />
<identifier Org="ISBN:3540401563" Paper_ID="/95360.html" Extracted="3540401563" DDC="004" Normalized_DDC="004" Normalized_Weight="0.05555555555555555" />
<identifier Org="ISBN:3540427023" Paper_ID="/95360.html" Extracted="3540427023" DDC="005.8" Normalized_DDC="0058" Normalized_Weight="0.05555555555555555" />
<identifier Org="ISBN:3540715487" Paper_ID="/95360.html" Extracted="3540715487" DDC="006.3/3" Normalized_DDC="00633" Normalized_Weight="0.05555555555555555" />
<identifier Org="ISBN:3540723595" Paper_ID="/95360.html" Extracted="3540723595" DDC="004" Normalized_DDC="004" Normalized_Weight="0.05555555555555555" />
<identifier Org="ISBN:3540741704" Paper_ID="/95360.html" Extracted="3540741704" DDC="006.3" Normalized_DDC="0063" Normalized_Weight="0.05555555555555555" />
<identifier Org="ISBN:9051992408" Paper_ID="/95360.html" Extracted="9051992408" DDC="004.6" Normalized_DDC="0046" Normalized_Weight="0.05555555555555555" />
</rec>
<rec ID="/4799.html" Type="inproceedings" CiteSeer_Book="Proceedings of the 7th USENIX Security Symposium" CiteSeer_Volume="" Title="Data mining approaches for intrusion detection,">
<identifier Org="ISBN:0300064837" Paper_ID="/4799.html" Extracted="0300064837" DDC="345.73/05" Normalized_DDC="3457305" Normalized_Weight="0.058823529411764705" />
<identifier Org="ISBN:0387242260" Paper_ID="/4799.html" Extracted="0387242260" DDC="305.8" Normalized_DDC="3058" Normalized_Weight="0.058823529411764705" />
<identifier Org="ISBN:0387264094" Paper_ID="/4799.html" Extracted="0387264094" DDC="005.8" Normalized_DDC="0058" Normalized_Weight="0.058823529411764705" />
<identifier Org="ISBN:0898715458" Paper_ID="/4799.html" Extracted="0898715458" DDC="006.3/12" Normalized_DDC="006312" Normalized_Weight="0.058823529411764705" />
<identifier Org="ISBN:1402070543" Paper_ID="/4799.html" Extracted="1402070543" DDC="006.3" Normalized_DDC="0063" Normalized_Weight="0.058823529411764705" />
<identifier Org="ISBN:1591406404" Paper_ID="/4799.html" Extracted="1591406404" DDC="363.32/0285" Normalized_DDC="363320285" Normalized_Weight="0.058823529411764705" />
<identifier Org="ISBN:3540007164" Paper_ID="/4799.html" Extracted="3540007164" DDC="005.8" Normalized_DDC="0058" Normalized_Weight="0.058823529411764705" />
<identifier Org="ISBN:3540208275" Paper_ID="/4799.html" Extracted="3540208275" DDC="005.8" Normalized_DDC="0058" Normalized_Weight="0.058823529411764705" />
<identifier Org="ISBN:3540221255" Paper_ID="/4799.html" Extracted="3540221255" />
<identifier Org="ISBN:3540259147" Paper_ID="/4799.html" Extracted="3540259147" DDC="006.32" Normalized_DDC="00632" Normalized_Weight="0.058823529411764705" />
<identifier Org="ISBN:3540260730" Paper_ID="/4799.html" Extracted="3540260730" DDC="006.3" Normalized_DDC="0063" Normalized_Weight="0.058823529411764705" />
<identifier Org="ISBN:3540263195" Paper_ID="/4799.html" Extracted="3540263195" DDC="006.32" Normalized_DDC="00632" Normalized_Weight="0.058823529411764705" />
<identifier Org="ISBN:3540269231" Paper_ID="/4799.html" Extracted="3540269231" DDC="006.31" Normalized_DDC="00631" Normalized_Weight="0.058823529411764705" />
<identifier Org="ISBN:354027894X" Paper_ID="/4799.html" Extracted="354027894X" DDC="006.3" Normalized_DDC="0063" Normalized_Weight="0.058823529411764705" />
<identifier Org="ISBN:3540401245" Paper_ID="/4799.html" Extracted="3540401245" DDC="004.67/8" Normalized_DDC="004678" Normalized_Weight="0.058823529411764705" />
<identifier Org="ISBN:354040161X" Paper_ID="/4799.html" Extracted="354040161X" DDC="004" Normalized_DDC="004" Normalized_Weight="0.058823529411764705" />
<identifier Org="ISBN:354040550X" Paper_ID="/4799.html" Extracted="354040550X" DDC="005.74" Normalized_DDC="00574" Normalized_Weight="0.058823529411764705" />
<identifier Org="ISBN:3540408789" Paper_ID="/4799.html" Extracted="3540408789" DDC="005.8" Normalized_DDC="0058" Normalized_Weight="0.058823529411764705" />
<identifier Org="ISBN:3540770852" Paper_ID="/4799.html" Extracted="3540770852" />
<identifier Org="ISBN:3642013066" Paper_ID="/4799.html" Extracted="3642013066" />
</rec>
<rec ID="/1331.html" Type="inproceedings" CiteSeer_Book="Proceedings of the USENIX Winter 1994 Technical Conference" CiteSeer_Volume="" Title="{GLIMPSE}: {A} Tool to Search Through Entire File Systems,">
<identifier Org="ISBN:0126208611" Paper_ID="/1331.html" Extracted="0126208611" DDC="006.7/6" Normalized_DDC="00676" Normalized_Weight="0.0625" />
<identifier Org="ISBN:0387233784" Paper_ID="/1331.html" Extracted="0387233784" DDC="519.2" Normalized_DDC="5192" Normalized_Weight="0.0625" />
<identifier Org="ISBN:0672307456" Paper_ID="/1331.html" Extracted="0672307456" DDC="005.754" Normalized_DDC="005754" Normalized_Weight="0.0625" />
<identifier Org="ISBN:0792373499" Paper_ID="/1331.html" Extracted="0792373499" DDC="006.3" Normalized_DDC="0063" Normalized_Weight="0.0625" />
<identifier Org="ISBN:0818680105" Paper_ID="/1331.html" Extracted="0818680105" DDC="025/.00285" Normalized_DDC="02500285" Normalized_Weight="0.0625" />
<identifier Org="ISBN:0849308852" Paper_ID="/1331.html" Extracted="0849308852" DDC="004" Normalized_DDC="004" Normalized_Weight="0.0625" />
<identifier Org="ISBN:0897916956" Paper_ID="/1331.html" Extracted="0897916956" DDC="004.24" Normalized_DDC="00424" Normalized_Weight="0.0625" />
<identifier Org="ISBN:089791970X" Paper_ID="/1331.html" Extracted="089791970X" DDC="005.74" Normalized_DDC="00574" Normalized_Weight="0.0625" />
<identifier Org="ISBN:0898714907" Paper_ID="/1331.html" Extracted="0898714907" />
<identifier Org="ISBN:1402078242" Paper_ID="/1331.html" Extracted="1402078242" DDC="006.33" Normalized_DDC="00633" Normalized_Weight="0.0625" />
<identifier Org="ISBN:1581130619" Paper_ID="/1331.html" Extracted="1581130619" DDC="005.74" Normalized_DDC="00574" Normalized_Weight="0.0625" />
<identifier Org="ISBN:3540201297" Paper_ID="/1331.html" Extracted="3540201297" DDC="610/.285/63" Normalized_DDC="61028563" Normalized_Weight="0.0625" />
<identifier Org="ISBN:3540418261" Paper_ID="/1331.html" Extracted="3540418261" DDC="025.04" Normalized_DDC="02504" Normalized_Weight="0.0625" />
<identifier Org="ISBN:3540434003" Paper_ID="/1331.html" Extracted="3540434003" DDC="004" Normalized_DDC="004" Normalized_Weight="0.0625" />
<identifier Org="ISBN:3540644938" Paper_ID="/1331.html" Extracted="3540644938" DDC="025.04" Normalized_DDC="02504" Normalized_Weight="0.0625" />
<identifier Org="ISBN:3540651012" Paper_ID="/1331.html" Extracted="3540651012" DDC="025/.00285" Normalized_DDC="02500285" Normalized_Weight="0.0625" />
<identifier Org="ISBN:3540666524" Paper_ID="/1331.html" Extracted="3540666524" DDC="004" Normalized_DDC="004" Normalized_Weight="0.0625" />
</rec>
<rec ID="/26236.html" Type="article" CiteSeer_Book="IEEE Transactions on Software Engineering" CiteSeer_Volume="22" Title="A Methodology for Testing Intrusion Detection Systems,">
<identifier Org="ISBN:0321246772" Paper_ID="/26236.html" Extracted="0321246772" DDC="005.8" Normalized_DDC="0058" Normalized_Weight="0.14285714285714285" />
<identifier Org="ISBN:0672324598" Paper_ID="/26236.html" Extracted="0672324598" DDC="005.8" Normalized_DDC="0058" Normalized_Weight="0.14285714285714285" />
<identifier Org="ISBN:0780395190" Paper_ID="/26236.html" Extracted="0780395190" />
<identifier Org="ISBN:078039979X" Paper_ID="/26236.html" Extracted="078039979X" />
<identifier Org="ISBN:0824722965" Paper_ID="/26236.html" Extracted="0824722965" />
<identifier Org="ISBN:0849339391" Paper_ID="/26236.html" Extracted="0849339391" DDC="005.1" Normalized_DDC="0051" Normalized_Weight="0.14285714285714285" />
<identifier Org="ISBN:1578701856" Paper_ID="/26236.html" Extracted="1578701856" DDC="005.8" Normalized_DDC="0058" Normalized_Weight="0.14285714285714285" />
<identifier Org="ISBN:158488360X" Paper_ID="/26236.html" Extracted="158488360X" DDC="004" Normalized_DDC="004" Normalized_Weight="0.14285714285714285" />
<identifier Org="ISBN:1584883812" Paper_ID="/26236.html" Extracted="1584883812" DDC="006.7/6" Normalized_DDC="00676" Normalized_Weight="0.14285714285714285" />
<identifier Org="ISBN:3540000208" Paper_ID="/26236.html" Extracted="3540000208" />
<identifier Org="ISBN:3540001646" Paper_ID="/26236.html" Extracted="3540001646" DDC="005.8" Normalized_DDC="0058" Normalized_Weight="0.14285714285714285" />
</rec>
<rec ID="SELF" Type="SELF" CiteSeer_Book="SELF" CiteSeer_Volume="SELF" Title="The Use of Information Retrieval Techniques for Intrusion Detection">
<identifier Org="ISBN:0120121603" Paper_ID="SELF" Extracted="0120121603" />
<identifier Org="ISBN:0769511465" Paper_ID="SELF" Extracted="0769511465" />
<identifier Org="ISBN:1402080891" Paper_ID="SELF" Extracted="1402080891" />
<identifier Org="ISBN:1578701856" Paper_ID="SELF" Extracted="1578701856" DDC="005.8" Normalized_DDC="0058" Normalized_Weight="0.16666666666666666" />
<identifier Org="ISBN:1591403464" Paper_ID="SELF" Extracted="1591403464" DDC="658.4/78" Normalized_DDC="658478" Normalized_Weight="0.16666666666666666" />
<identifier Org="ISBN:1599049430" Paper_ID="SELF" Extracted="1599049430" DDC="658.8/72" Normalized_DDC="658872" Normalized_Weight="0.16666666666666666" />
<identifier Org="ISBN:3540231234" Paper_ID="SELF" Extracted="3540231234" DDC="158/.35" Normalized_DDC="15835" Normalized_Weight="0.16666666666666666" />
<identifier Org="ISBN:3540288945" Paper_ID="SELF" Extracted="3540288945" DDC="006.3" Normalized_DDC="0063" Normalized_Weight="0.16666666666666666" />
<identifier Org="ISBN:3540715487" Paper_ID="SELF" Extracted="3540715487" DDC="006.3/3" Normalized_DDC="00633" Normalized_Weight="0.16666666666666666" />
</rec>
</references_metadata>