Đang chuẩn bị liên kết để tải về tài liệu:
Data Mining and Knowledge Discovery Handbook, 2 Edition part 120

Data Mining and Knowledge Discovery Handbook, 2 Edition part 120. Knowledge Discovery demonstrates intelligent computing at its best, and is the most desirable and interesting end-product of Information Technology. To be able to discover and to extract knowledge from data is a task that many researchers and practitioners are endeavoring to accomplish. There is a lot of hidden knowledge waiting to be discovered – this is the challenge created by today’s abundance of data. Data Mining and Knowledge Discovery Handbook, 2nd Edition organizes the most current concepts, theories, standards, methodologies, trends, challenges and applications of data mining (DM) and knowledge discovery. | 61 Data Mining for Intrusion Detection Anoop Singhal1 and Sushil Jajodia2 1 Center for Secure Information Systems George Mason University Fairfax VA 22030-4444 2 Center for Secure Information Systems George Mason University Fairfax VA 22030-4444 Summary. Data Mining Techniques have been successfully applied in many different fields including marketing manufacturing fraud detection and network management. Over the past years there is a lot of interest in security technologies such as intrusion detection cryptography authentication and firewalls. This chapter discusses the application of Data Mining techniques to computer security. Conclusions are drawn and directions for future research are suggested. Key words computer security intrusion detection data warehouse alert correlation 61.1 Introduction Computer security is of importance to a wide variety of practical domains ranging from banking industry to multinational corporations from space exploration to the intelligence community and so on. The following principles are generally accepted as the foundation of a good security solution Authentication The process of establishing the validity of a claimed identity. Authorization The process of determining whether a validated entity is allowed access to a resource based on attributes predicates or context. Integrity The prevention of modification or destruction of an asset by an unauthorized user. Availability The protection of assets from denial-of-service threats that might impact system availability. Confidentiality The property of non-disclosure of information to unauthorized users. Auditing The property of logging all system activities at a sufficient level so that events can be reconstructed if it is required. Intrusion detection is the process of monitoring and analyzing the events occurring in a computer system in order to detect signs of security problems. Over the past several years O. Maimon L. Rokach eds. Data Mining and Knowledge Discovery Handbook 2nd ed.