“Intrusion detection systems (IDS) provide an attempt to address the vulnerability of computer-based systems for abuse by insiders and to penetration by outsiders. The intrusions from inside an organization pose the toughest challenge to the IDS. In a distributed system, the amount of data processed is enormous and it has become impossible to analyze the data using simple manual analysis. There arises a need for automated tools that can detect anomalous behavior effectively. The IDS presented in this research performs anomaly detection using Adaptive Resonance Theory (ART1) clustering. The research uses vector time stamp log data generated from the BOOTS system for two different task types. The BOOTS system is a distributed system that controls the flow of boots from one place to another under a set of security considerations. The data used for task discrimination consists of a window of events drawn around a concurrent pair of events. The methods used to obtain the concurrent data, algorithms used and the results obtained are discussed”--Abstract, page iii.
Stanley, R. Joe
McMillin, Bruce M.
Miller, Ann K.
Electrical and Computer Engineering
M.S. in Computer Engineering
University of Missouri--Rolla
viii, 63 pages
© 2004 Nageswaran Jayaraman, All rights reserved.
Thesis - Restricted Access
Computer networks -- Security measures
Neural networks (Computer science)
Print OCLC #
Link to Catalog Record
Electronic access to the full-text of this document is restricted to Missouri S&T users. Otherwise, request this publication directly from Missouri S&T Library or contact your local library.http://merlin.lib.umsystem.edu/record=b5088814~S5
Jayaraman, Nageswaran, "A clustering approach to intrusion detection" (2004). Masters Theses. 4427.
Share My Thesis If you are the author of this work and would like to grant permission to make it openly accessible to all, please click the button above.