Case-based reasoning for intrusion detection

Recently there has been significant interest in applying artificial intelligence (AI) techniques to the intrusion detection problem. Attempts have been made to develop rule based and model based expert systems for intrusion detection. Although these systems have been useful for detecting intruders, they face difficulties in acquiring and representing the knowledge. We present and describe a case based reasoning approach to intrusion detection which alleviates some of the difficulties of current approaches.

[1]  Phillip A. Porras,et al.  STAT -- A State Transition Analysis Tool For Intrusion Detection , 1993 .

[2]  Dorothy E. Denning,et al.  An Intrusion-Detection Model , 1987, IEEE Transactions on Software Engineering.

[3]  Koral Ilgun,et al.  USTAT: a real-time intrusion detection system for UNIX , 1993, Proceedings 1993 IEEE Computer Society Symposium on Research in Security and Privacy.

[4]  Gunar E. Liepins,et al.  Detection of anomalous computer session activity , 1989, Proceedings. 1989 IEEE Symposium on Security and Privacy.

[5]  Sandeep Kumar,et al.  Classification and detection of computer intrusions , 1996 .

[6]  Bruce G. Buchanan,et al.  The MYCIN Experiments of the Stanford Heuristic Programming Project , 1985 .

[7]  Janet L. Kolodner,et al.  Case-Based Reasoning , 1989, IJCAI 1989.

[8]  Lotfi A. Zadeh,et al.  Fuzzy Sets , 1996, Inf. Control..