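@comment{
  Consolidated record for the chapter "A Toolset for Intrusion and Insider
  Threat Detection" (anomaly-based, flow-based network intrusion detection).

  The export contained four BibSonomy posts of this one chapter, all under the
  citation key Ring2017. A repeated key is reported as an error by BibTeX and
  Biber, so the posts are merged into a single entry that keeps the key.
  The bibliographic fields were identical in all four posts. They differed only
  in BibSonomy bookkeeping (biburl, added-at, timestamp) and in keywords.
  The keywords below are the union of the four tag sets.

  Entry type: the posts used inbook. The chapter has its own authors and sits
  in an edited volume (booktitle and editor are given), which is what
  incollection describes. The standard classic styles read the title of an
  inbook entry as the book title and do not print booktitle.

  Dropped: type = {Publication}, present in the baywiss1 post only. It is a
  BibSonomy label, not a chapter type.

  Merged posts (biburl | added-at | timestamp):
    https://www.bibsonomy.org/bibtex/287a19e38f7d15abf2e9588b99c3a40f9/baywiss1
      | 2018-03-14T12:17:57.000+0100 | 2019-03-25T11:52:00.000+0100
    https://www.bibsonomy.org/bibtex/287a19e38f7d15abf2e9588b99c3a40f9/dmir
      | 2017-09-29T03:10:06.000+0200 | 2024-01-18T10:31:52.000+0100
    https://www.bibsonomy.org/bibtex/287a19e38f7d15abf2e9588b99c3a40f9/markus0412
      | 2017-09-27T12:02:01.000+0200 | 2017-09-27T12:55:39.000+0200
    https://www.bibsonomy.org/bibtex/287a19e38f7d15abf2e9588b99c3a40f9/hotho
      | 2017-09-07T12:44:36.000+0200 | 2017-09-07T12:44:36.000+0200
}

@incollection{Ring2017,
  author      = {Ring, Markus and Wunderlich, Sarah and Gr{\"u}dl, Dominik and Landes, Dieter and Hotho, Andreas},
  title       = {A Toolset for Intrusion and Insider Threat Detection},
  editor      = {Palomares Carrascosa, Iv{\'a}n and Kalutarage, Harsha Kumara and Huang, Yan},
  booktitle   = {Data Analytics and Decision Support for Cybersecurity: Trends, Methodologies and Applications},
  publisher   = {Springer International Publishing},
  address     = {Cham},
  year        = 2017,
  pages       = {3--31},
  isbn        = {978-3-319-59439-2},
  doi         = {10.1007/978-3-319-59439-2_1},
  url         = {https://doi.org/10.1007/978-3-319-59439-2_1},
  keywords    = {2017 flow from:markus0412 intrusion mr myown network security security:selected toolset},
  abstract    = {Company data are a valuable asset and must be protected against unauthorized access and manipulation.
                 In this contribution, we report on our ongoing work that aims to support IT security experts with
                 identifying novel or obfuscated attacks in company networks, irrespective of their origin inside or
                 outside the company network. A new toolset for anomaly based network intrusion detection is proposed.
                 This toolset uses flow-based data which can be easily retrieved by central network components. We
                 study the challenges of analysing flow-based data streams using data mining algorithms and build an
                 appropriate approach step by step. In contrast to previous work, we collect flow-based data for each
                 host over a certain time window, include the knowledge of domain experts and analyse the data from
                 three different views. We argue that incorporating expert knowledge and previous flows allow us to
                 create more meaningful attributes for subsequent analysis methods. This way, we try to detect novel
                 attacks while simultaneously limiting the number of false positives.},
  description = {A Toolset for Intrusion and Insider Threat Detection | SpringerLink},
  interhash   = {7b78d97826bab6f2dcd42e5d41f48ffa},
  intrahash   = {87a19e38f7d15abf2e9588b99c3a40f9},
}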