An intrusion-detection system based on the Teiresias pattern-discovery algorithm

An intrusion-detection system based on the Teiresias pattern-discovery algorithm. Wespi, A., Dacier, M., & Debar, H. In Gattiker, U. E., Pedersen, P., & Petersen, K., editors, Proceedings of EICAR 1999, 1999. European Institute for Computer Antivirus Research (EICAR). 00064 bibtex: wespi1999intrusion
doi abstract bibtex

This paper addresses the problem of creating a pattern table that can be used to model the normal behavior of a given process. The model can be used for intrusion-detection purposes. So far, most of the approaches proposed have been based on fixed-length patterns, although variable-length patterns seem to be more naturally suited to model the normal process behavior. We have developed a technique to build tables of variable-length patterns. This technique is based on Teiresias, an algorithm initially developed for the discovery of rigid patterns in unaligned biological sequences. We evaluate the quality of our technique in a testbed environment and compare it with techniques based on fixed-length patterns.

@inproceedings{ wespi_intrusion-detection_1999,
  title = {An intrusion-detection system based on the {Teiresias} pattern-discovery algorithm},
  doi = {10.1.1.23.6768},
  abstract = {This paper addresses the problem of creating a pattern table that can be used to model the normal behavior of a given process. The model can be used for intrusion-detection purposes. So far, most of the approaches proposed have been based on fixed-length patterns, although variable-length patterns seem to be more naturally suited to model the normal process behavior. We have developed a technique to build tables of variable-length patterns. This technique is based on Teiresias, an algorithm initially developed for the discovery of rigid patterns in unaligned biological sequences. We evaluate the quality of our technique in a testbed environment and compare it with techniques based on fixed-length patterns.},
  booktitle = {Proceedings of {EICAR} 1999},
  publisher = {European Institute for Computer Antivirus Research (EICAR)},
  author = {Wespi, Andreas and Dacier, Marc and Debar, Hervé},
  editor = {Gattiker, U. E. and Pedersen, P. and Petersen, K.},
  year = {1999},
  note = {00064 bibtex: wespi1999intrusion}
}

Downloads: 0

{"_id":"ezctKCKydaX8RTNk8","bibbaseid":"wespi-dacier-debar-anintrusiondetectionsystembasedontheteiresiaspatterndiscoveryalgorithm-1999","downloads":0,"creationDate":"2015-04-22T00:15:38.231Z","title":"An intrusion-detection system based on the Teiresias pattern-discovery algorithm","author_short":["Wespi, A.","Dacier, M.","Debar, H."],"year":1999,"bibtype":"inproceedings","biburl":"http://bibbase.org/zotero/ealprr","bibdata":{"abstract":"This paper addresses the problem of creating a pattern table that can be used to model the normal behavior of a given process. The model can be used for intrusion-detection purposes. So far, most of the approaches proposed have been based on fixed-length patterns, although variable-length patterns seem to be more naturally suited to model the normal process behavior. We have developed a technique to build tables of variable-length patterns. This technique is based on Teiresias, an algorithm initially developed for the discovery of rigid patterns in unaligned biological sequences. We evaluate the quality of our technique in a testbed environment and compare it with techniques based on fixed-length patterns.","author":["Wespi, Andreas","Dacier, Marc","Debar, Hervé"],"author_short":["Wespi, A.","Dacier, M.","Debar, H."],"bibtex":"@inproceedings{ wespi_intrusion-detection_1999,\n title = {An intrusion-detection system based on the {Teiresias} pattern-discovery algorithm},\n doi = {10.1.1.23.6768},\n abstract = {This paper addresses the problem of creating a pattern table that can be used to model the normal behavior of a given process. The model can be used for intrusion-detection purposes. So far, most of the approaches proposed have been based on fixed-length patterns, although variable-length patterns seem to be more naturally suited to model the normal process behavior. We have developed a technique to build tables of variable-length patterns. This technique is based on Teiresias, an algorithm initially developed for the discovery of rigid patterns in unaligned biological sequences. We evaluate the quality of our technique in a testbed environment and compare it with techniques based on fixed-length patterns.},\n booktitle = {Proceedings of {EICAR} 1999},\n publisher = {European Institute for Computer Antivirus Research (EICAR)},\n author = {Wespi, Andreas and Dacier, Marc and Debar, Hervé},\n editor = {Gattiker, U. E. and Pedersen, P. and Petersen, K.},\n year = {1999},\n note = {00064 bibtex: wespi1999intrusion}\n}","bibtype":"inproceedings","booktitle":"Proceedings of EICAR 1999","doi":"10.1.1.23.6768","editor":["Gattiker, U. E.","Pedersen, P.","Petersen, K."],"editor_short":["Gattiker, U.<nbsp>E.","Pedersen, P.","Petersen, K."],"id":"wespi_intrusion-detection_1999","key":"wespi_intrusion-detection_1999","note":"00064 bibtex: wespi1999intrusion","publisher":"European Institute for Computer Antivirus Research (EICAR)","title":"An intrusion-detection system based on the Teiresias pattern-discovery algorithm","type":"inproceedings","year":"1999","bibbaseid":"wespi-dacier-debar-anintrusiondetectionsystembasedontheteiresiaspatterndiscoveryalgorithm-1999","role":"author","urls":{},"downloads":0},"search_terms":["intrusion","detection","system","based","teiresias","pattern","discovery","algorithm","wespi","dacier","debar"],"keywords":[],"authorIDs":[],"dataSources":["fcy64Zdm28gydMmuE"]}