A windowing-based approach for intrusion detection
Keywords and Phrases
Hamming distance; Fuzzy ART
"Intrusion detection systems (IDS) attempt to address the vulnerability of computer-based systems for abuse by insiders and to penetration by outsiders. An IDS is often required to examine an enormous amount of data generated by computer networks to assist in the abuse detection process. The development of automated techniques is needed to address the requirements of IDS and to assist system administrators in the detection of existing security violations. This research investigates pattern recognition approaches for anomaly detection for insider system operations based on the analysis of a system's log files. For anomaly detection, concurrent event-based and modified Hamming distance features are examined. These features are evaluated using two machine learning approaches: 1) standard back propagation neural networks and 2) fuzzy adaptive resonance theory. The system examined for this research is the Boots system, an internally developed system, for controlling the movement of boots from one place to another under specific security restrictions related to the boot orders. The results of this work apply to intrusion detection results for log data collected from the Boots system. The experimental results are presented and compared to a benchmark event windowing technique"--Abstract, leaf iii.
Electrical and Computer Engineering
M.S. in Electrical Engineering
University of Missouri--Rolla
viii, 89 leaves
© 2004 Renu Madanmohan Kayarkar, All rights reserved.
Thesis - Citation
Neural networks (Computer science)
Pattern recognition systems
Computer networks -- Security measures
Full-text not available: Request this publication directly from Missouri S&T Library or contact your local library. http://laurel.lso.missouri.edu/record=b5369396~S5
Kayarkar, Reno Madanmohan, "A windowing-based approach for intrusion detection" (2004). Masters Theses. 4095.