Typed Linear Chain Conditional Random Fields and Their Application to Intrusion Detection [chapter]

Carsten Elfers, Mirko Horstmann, Karsten Sohr, Otthein Herzog
2010 Lecture Notes in Computer Science  
Intrusion detection in computer networks faces the problem of a large number of both false alarms and unrecognized attacks. To improve the precision of detection, various machine learning techniques have been proposed. However, one critical issue is that the amount of reference data that contains serious intrusions is very sparse. In this paper we present an inference process with linear chain conditional random fields that aims to solve this problem by using domain knowledge about the alerts
... different intrusion sensors represented in an ontology.
doi:10.1007/978-3-642-15381-5_2 fatcat:tjaxpgwotfgnnmtyji5s2js2qu