ADAM: A testbed for exploring the use of data mining in intrusion detection

Citation
D. Barbara et al., ADAM: A testbed for exploring the use of data mining in intrusion detection, SIGMOD RECORD, 30(4), 2001, pp. 15-24
Citations number
27
Subject Categories
Computer Science & Engineering
Journal title
SIGMOD RECORD
ISSN journal
01635808
Volume
30
Issue
4
Year of publication
2001
Pages
15 - 24
Database
ISI
SICI code
0163-5808(200112)30:4<15:AATFET>2.0.ZU;2-Y
Abstract
Intrusion detection systems have traditionally been based on the characterization of an attack and the tracking of the activity on the system to see if it matches that characterization. Recently, new intrusion detection systems based on data mining are making their appearance in the field. This paper describes the design and experiences with the ADAM (Audit Data Analysis and Mining) system, which we use as a testbed to study how useful data mining techniques can be in intrusion detection.