
Typed Linear Chain Conditional Random Fields and Their Application to Intrusion Detection

  • Conference paper
Intelligent Data Engineering and Automated Learning – IDEAL 2010 (IDEAL 2010)

Part of the book series: Lecture Notes in Computer Science (LNISA, volume 6283)

Abstract

Intrusion detection in computer networks faces the problem of a large number of both false alarms and unrecognized attacks. To improve the precision of detection, various machine learning techniques have been proposed. However, one critical issue is that reference data containing serious intrusions is very sparse. In this paper we present an inference process with linear chain conditional random fields that aims to solve this problem by using domain knowledge about the alerts of different intrusion sensors represented in an ontology.




© 2010 Springer-Verlag Berlin Heidelberg

Cite this paper

Elfers, C., Horstmann, M., Sohr, K., Herzog, O. (2010). Typed Linear Chain Conditional Random Fields and Their Application to Intrusion Detection. In: Fyfe, C., Tino, P., Charles, D., Garcia-Osorio, C., Yin, H. (eds) Intelligent Data Engineering and Automated Learning – IDEAL 2010. IDEAL 2010. Lecture Notes in Computer Science, vol 6283. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-15381-5_2

  • DOI: https://doi.org/10.1007/978-3-642-15381-5_2

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-15380-8

  • Online ISBN: 978-3-642-15381-5

  • eBook Packages: Computer Science, Computer Science (R0)
