@inproceedings{85fa6d93d8194941921867466ece12a1,
title = "Anomaly detection of computer usage using artificial intelligence techniques",
abstract = "Intrusion detection systems (IDS) aim to detect attacks against computer systems by monitoring the behavior of users, networks, or computer systems. Attacks against computer systems are still largely successful despite the plenty of intrusion prevention techniques available. This paper presents an IDS based on anomaly detection using several AI techniques. Anomaly detection models normal behaviors and attempts to detect intrusions by noting significant deviations from normal behavior. Raw audit data are preprocessed and reduced into appropriate size and format using Self-Organizing Map (SOM). Different aspects of a sequence of events are modeled by several hidden Markov models (HMMs), and a voting technique combines the models to determine whether current behavior is normal or not. Several experiments are conducted to explore the optimal data reduction and modeling method. For the optimal measures, system call and file access related measures are found useful and overall performance depends on the map size for each measure. Voting technique leads to more reliable detection rate.",
author = "Jongho Choy and Cho, {Sung Bae}",
note = "Publisher Copyright: {\textcopyright} 2001 Springer-Verlag Berlin Heidelberg. Copyright: Copyright 2020 Elsevier B.V., All rights reserved.; 6th Pacific Rim International Conference on Artificial Intelligence, PRICAI 2000 ; Conference date: 28-08-2000 Through 01-09-2000",
year = "2001",
doi = "10.1007/3-540-45408-x_5",
language = "English",
isbn = "3540425977",
series = "Lecture Notes in Artificial Intelligence (Subseries of Lecture Notes in Computer Science)",
publisher = "Springer Verlag",
pages = "31--43",
editor = "Ryszard Kowalczyk and Loke, {Seng W.} and Reed, {Nancy E.} and Graham Williams",
booktitle = "Advances in Artificial Intelligence",
address = "Germany",
}