Generated Fri Oct 22 07:13:13 PDT 1999 by

  • [Teng90] H.S. Teng, K. Chen, and S.C.-Y. Lu, Adaptive Real-Time Anomaly Detection Using Inductively Generated Sequential Patterns. Proceedings of the 1990 IEEE Symposium on Research in Security and Privacy, page 278-284. [This paper applies time-based inductive learning to audit trail analysis so as to detect out-of-pattern behavior. The system attempts to analyze behavioral patterns in audit trails in order to generate rules for detecting errant behavior at a later time. The heuristic approach differs from the statistical approaches of IDES and other such systems in that it creates and analyzes logical expressions instead of statistical deviation parameters and in that it can differentiate two similar sequences of events based on the order in which the events occur.]