Advances in Information Security

By: Daniel BarbarÃ¡ (Editor), Sushil Jajodia (Editor)

Write A Review

Hardcover | 31 May 2002

At a Glance

Hardcover
276 Pages

Dimensions(cm)
23.5 x 15.88 x 1.91

Hardcover

$169.00

or 4 interest-free payments of $42.25 with

Ships in 5 to 7 business days

Data mining is becoming a pervasive technology in activities as diverse as using historical data to predict the success of a marketing campaign, looking for patterns in financial transactions to discover illegal activities or analyzing genome sequences. From this perspective, it was just a matter of time for the discipline to reach the important area of computer security. This text presents a collection of research efforts on the use of data mining in computer security. Data mining has been loosely defined as the process of extracting information from large amounts of data. In the context of security, the information we are seeking is the knowledge of whether a security breach has been experienced, and if the answer is yes, who is the perpetrator. This information could be collected in the context of discovering intrusions that aim to breach the privacy of services, data in a computer system or alternatively, in the context of discovering evidence left in a computer system as part of criminal activity. The book concentrates heavily on the use of data mining in the area of intrusion detection. The reason for this is twofold. First, the volume of data dealing with both network and host activity is so large that it makes it an ideal candidate for using data mining techniques. Second, intrusion detection is an extremely critical activity. The text also addresses the application of data mining to computer forensics. This is a crucial area that seeks to address the needs of law enforcement in analyzing the digital evidence.

Shipping

	Standard Shipping	Express Shipping
Metro postcodes:	$9.99	$14.95
Regional postcodes:	$9.99	$14.95
Rural postcodes:	$9.99	$14.95

Orders over $89.00 qualify for free shipping.

How to return your order

At Booktopia, we offer hassle-free returns in accordance with our returns policy. If you wish to return an item, please get in touch with Booktopia Customer Care.

Additional postage charges may be applicable.

Defective items

If there is a problem with any of the items received for your order then the Booktopia Customer Care team is ready to assist you.

For more info please visit our Help Centre.

You Can Find This Book In

Non-Fiction Computing & I.T.Databases Data Mining Computer Security Data Encryption Medicine Medicine in General Computer Science Artificial Intelligence Computer Networking & Communications Computer Hardware

Network Hardware

List of Figures	p. xiii
List of Tables	p. xvii
Preface	p. xix
Modern Intrusion Detection, Data Mining, and Degrees of Attack Guilt	p. 1
Introduction	p. 2
Detection Strategies	p. 3
Misuse Detection	p. 4
Expert Systems	p. 4
Signature Analysis	p. 5
State-Transition Analysis	p. 6
Data Mining	p. 7
Other Approaches	p. 8
Anomaly Detection	p. 8
Statistical Methods	p. 9
Expert Systems	p. 10
Data Mining	p. 10
Other Approaches	p. 12
Data Sources	p. 12
Degrees of Attack Guilt	p. 14
Misuse Detection	p. 15
Knowledge-Based Methods	p. 16
Machine-Learning Methods	p. 17
Anomaly Detection	p. 18
Knowledge-Based Methods	p. 18
Statistical Methods	p. 19
Machine-Learning Methods	p. 20
Conclusion	p. 25
References	p. 25
Data Mining for Intrusion Detection	p. 33
Introduction	p. 33
Data Mining Basics	p. 34
Data Mining, KDD, and Related Fields	p. 34
Some Data Mining Techniques	p. 36
Association Rules	p. 37
Frequent Episode Rules	p. 38
Classification	p. 39
Clustering	p. 40
Research Challenges in Data Mining	p. 40
Data Mining Meets Intrusion Detection	p. 41
MADAM ID	p. 43
ADAM	p. 45
Clustering of Unlabeled ID Data	p. 46
Mining the Alarm Stream	p. 47
Further Reading	p. 49
Observations on the State of the Art	p. 50
Data Mining, but no Knowledge Discovery	p. 50
Disregard of Other KDD Steps	p. 51
Too Strong Assumptions	p. 52
Narrow Scope of Research Activities	p. 53
Future Research Directions	p. 54
Summary	p. 56
References	p. 57
An Architecture for Anomaly Detection	p. 63
Introduction	p. 63
Architecture	p. 65
Filter	p. 65
Profile	p. 67
Profile Builder	p. 67
Diagnoser	p. 67
ADAM: an implementation of the architecture	p. 67
Experiences	p. 72
Breaking the dependency on training data	p. 73
Future	p. 74
References	p. 75
A Geometric Framework for Unsupervised Anomaly Detection	p. 77
Introduction	p. 78
Unsupervised Anomaly Detection	p. 81
A Geometric Framework for Unsupervised Anomaly Detection	p. 83
Feature Spaces	p. 83
Kernel Functions	p. 84
Convolution Kernels	p. 85
Detecting Outliers in Feature Spaces	p. 85
Algorithm 1: Cluster-based Estimation	p. 86
Algorithm 2: K-nearest neighbor	p. 87
Algorithm 3: One Class SVM	p. 89
Feature Spaces for Intrusion Detection	p. 91
Data-dependent Normalization Kernels	p. 92
Kernels for Sequences: The Spectrum Kernel	p. 92
Experiments	p. 93
Performance measures	p. 93
Data Set Descriptions	p. 94
Experimental Setup	p. 95
Experimental Results	p. 96
Discussion	p. 98
References	p. 99
Fusing a Heterogeneous Alert Stream into Scenarios	p. 103
Introduction	p. 104
Fusion Approach	p. 105
Architecture	p. 106
Definitions	p. 107
Probability Assignment	p. 108
Data Sources and Use	p. 108
Naive Technique	p. 111
Heuristic Technique	p. 112
Data Mining Techniques	p. 114
Experimental Results	p. 115
Naive Technique	p. 116
Heuristic Technique	p. 117
Data Mining Techniques	p. 117
System Benefits	p. 119
Discussion and Summary	p. 120
References	p. 120
Using MIB II Variables for Network Intrusion Detection	p. 123
Introduction	p. 124
Background	p. 125
MIB II	p. 125
Entropy and Conditional Entropy	p. 126
Model Construction	p. 127
Model Architecture	p. 127
Anomaly Detection Module	p. 129
Anomaly Detection Model Design Overview	p. 129
Anomaly Detection Module Construction	p. 129
Experiments and Performance Evaluation	p. 134
Normal Data Sets	p. 134
Evaluation under Attacks	p. 135
Misuse Detection	p. 135
Anomaly Detection	p. 140
Discussion	p. 146
Related Work	p. 148
Conclusions and Future Work	p. 149
References	p. 149
Adaptive Model Generation	p. 153
Introduction	p. 154
Components of Adaptive Model Generation	p. 157
Real Time Components	p. 159
Data Warehouse	p. 163
Detection Model Management	p. 165
Data Analysis Engines	p. 167
Efficiency consideration	p. 174
Capabilities of Adaptive Model Generation	p. 175
Real Time Detection Capabilities	p. 175
Automatic Data Collection and Data Warehousing	p. 175
Model Generation and Management	p. 176
Data Analysis Capabilities	p. 176
Correlation of Multiple Sensors	p. 178
Model Generation Algorithms	p. 179
Misuse Detection	p. 179
Anomaly Detection	p. 179
Unsupervised Anomaly Detection	p. 180
Model Generation Example: SVM	p. 180
SVM Algorithm	p. 181
SVM for Misuse Detection in AMG	p. 182
Unsupervised SVM Algorithm	p. 183
Unsupervised SVM for Unsupervised Anomaly Detection	p. 184
System Example 1: Registry Anomaly Detection	p. 185
The RAD Data Model	p. 185
The RAD Sensor	p. 185
The RAD Classification Algorithm	p. 186
The RAD Detector	p. 187
System Example 2: HAUNT	p. 187
HAUNT Sensor	p. 188
HAUNT Classification Algorithm	p. 188
HAUNT Detector	p. 188
HAUNT Feature Extraction	p. 189
Conclusion	p. 190
References	p. 191
Proactive Intrusion Detection	p. 195
Introduction	p. 196
Information Assurance, Data Mining, and Proactive Intrusion Detection	p. 198
Intrusion Detection Systems	p. 198
A Thought Experiment	p. 198
Proactive Intrusion Detection	p. 204
A methodology for discovering precursors - Assumptions, Objectives, Procedure and Analysis	p. 206
Notation and Definitions	p. 206
Time Series, Multivariate Time Series and Collections	p. 206
Events, Event Sequences, Causal Rules and Precursor Rules	p. 207
Assumptions, Problem Set-Up, Objectives and Procedure	p. 208
Analysis - Detection and Gradation of Causality in Time Series	p. 211
Notation and Definitions	p. 211
The Granger Causality Test as an Exploratory Tool	p. 212
GCT and the Extraction of Precursor Rules - Modeling and Theoretical Developments	p. 213
A Case Study - Precursor Rules for Distributed Denial of Service Attacks	p. 217
DDoS Attacks and the experiments	p. 217
TFN2K Ping Flood - Extracting Precursor Rules	p. 219
Conclusions	p. 222
References	p. 223
E-mail Authorship Attribution for Computer Forensics	p. 229
Introduction and Motivation	p. 230
Computer Forensics	p. 230
E-mail Forensics	p. 232
Authorship Attribution	p. 234
E-mail Authorship Attribution	p. 238
Support Vector Machine Classifier	p. 239
E-mail Corpus and Methodology	p. 240
Results and Discussion	p. 244
Conclusions	p. 246
References	p. 247
Table of Contents provided by Syndetics. All Rights Reserved.

Advances in Information Security

At a Glance

Hardcover

Shipping

How to return your order

Defective items

You Can Find This Book In

More in Network Hardware

Machine Learning, Optimization, and Data Science

11th International Conference, LOD 2025, Castiglione della Pescaia, Italy, September 21â"24, 2025, Revised Selected Papers, Part II

Security Standardisation Research

10th International Conference, SSR 2025, Passau, Germany, December 4â"5, 2025, Proceedings

Applied Embedded Electronics

Design Essentials for Robust Systems

Machine Learning for Networking

8th International Conference, MLN 2025, Paris, France, December 2â"4, 2025, Revised Selected Papers

Computational Intelligence in Communications and Business Analytics

7th International Conference, CICBA 2025, Kolkata, India, July 4-6, 2025, Revised Selected Papers, Part III

New IPv6 Transition Technology

IPv6-Only, IPv6-Mostly and IPv4 as a Service

Semantic Communications

Textbooks in Telecommunication Engineering

Computational Intelligence in Communications and Business Analytics

7th International Conference, CICBA 2025, Kolkata, India, July 4-6, 2025, Revised Selected Papers, Part II

PRICAI 2025: Trends in Artificial Intelligence

22nd Pacific Rim International Conference on Artificial Intelligence, PRICAI 2025, Wellington, New Zealand, November 17â"21, 2025, Proceedings, Part V

Emerging Technologies for Developing Countries

8th EAI International Conference, AFRICATEK 2025, Tunis, Tunisia, June 11â"13, 2025, Proceedings, Part II

Frontier Computing: Vol 1

Theory, Technologies and Applications (FC 2025)

Social Robotics + BioMed

17th International Conference on Social Robotics + BioMed, ICSR + BioMed 2025, Xi'an, China, September 26-28, Proceedings

Emerging Electronics and Automation, Volume 2

Select Proceedings of the 4th International Conference, E2A 2024

7th EAI International Conference on Big Data Innovation for Sustainable Cognitive Computing

EAI BDCC 2024

The Web Beneath the Waves

The Fragile Cables that Connect our World

Jumpstarting the Raspberry Pi Zero W

Control the World Around You with a $10 Computer

Sync Problems Collection

Synchronization and Time Distribution in Telecommunications

Recent Challenges in Intelligent information and Database Systems

18th Asian Conference, ACIIDS 2026, Kaohsiung, Taiwan, April 13-15, 2026, Proceedings, Part I

Artificial Intelligence for Sustainability and Global Security

IFIP WG 12.11 and WG 12.13 International Workshops, IJCAI 2025, Montreal, QC, Canada, August 16-17, 2025, Revised Selected Papers

Euro-Par 2025: Parallel Processing Workshops

Euro-Par 2025 Satellite Events, Dresden, Germany, August 25â"29, 2025, Revised Selected Papers

6G Non-Terrestrial Networking

Architectures, Technologies, and Simulations

Context-Aware Systems and Applications

14th EAI International Conference, ICCASA 2025, Ho Chi Minh City, Vietnam, October 15-16, 2025, Proceedings

Ubi-Media Computing, Pervasive Systems, Algorithms and Networks

14th International Conference on Ubi-Media Computing, Ubi-Media 2026, Penang, Malaysia, January 18-22, 2026, Proceedings

Smart Cities, Green Technologies, and Intelligent Transport Systems

13th International Conference, SMARTGREENS 2024, and 10th International Conference, VEHITS 2024, Angers, France, May 2â"4, 2024, Revised Selected Papers

This product is categorised by