A Survey of Data Mining and Machine Learning Methods for Cyber Security Intrusion Detection

Institute of Electrical and Electronics Engineers (IEEE) - Vol. 18, No. 2 - pp. 1153-1176 - 2016
Anna L. Buczak¹, Erhan Guven¹
¹The Johns Hopkins University Applied Physics Laboratory, Laurel, MD, USA
