2015
DOI: 10.1007/s11227-015-1604-8

DTB-IDS: an intrusion detection system based on decision tree using behavior analysis for preventing APT attacks

Cited by 128 publications (58 citation statements)
References 14 publications
“…is said to belong to one side of the partition $F$ with degree $\mu_F(x)$ and to the other side with degree $(1 - \mu_F(x))$. Since both fuzzy rules [33] and decision tree [43], [44] yield good performance in malware analysis, we hybridize the idea behind these two methods by allowing fuzzy partitions of both types: (i) less than partition $x < c$, which is the fuzzy version of the ordinary partition for a continuous attribute:…”
Section: A Feature Selection (mentioning)
confidence: 99%
“…In [49], the authors applied a decision tree to build IDS to detect APT attacks. It can detect intrusion from the beginning and quickly react to APT to minimize damage.…”
Section: Countering An Advanced Persistent Threat (mentioning)
confidence: 99%
“…While this may not always correspond to an attack, alert-based responses address inherent problems in SCADA operations, which are otherwise not possible to capture using traditional IT-based IDS. Based on the requirements of the strict availability, the IDS can respond immediately to unusual situations [56, 63, 69, 91-93, 95, 132, 133, 135, 138, 141], or provide a delayed notification summarizing similar alarms [52, 74, 79, 88, 100, 114, 122, 123]. Information-Centric: If we examine the information used for the detection, then IDS systems can be further categorized into Host-based Intrusion Detection (HID) and Network-based Intrusion Detection (NID).…”
Section: Taxonomy Of SCADA-based IDSs (mentioning)
confidence: 99%