| Description |
viii, 89 leaves : illustrations ; 28 cm. |
| Summary |
"Intrusion detection systems (IDS) attempt to address the vulnerability of computer-based systems for abuse by insiders and to penetration by outsiders. An IDS is often required to examine an enormous amount of data generated by computer networks to assist in the abuse detection process. The development of automated techniques is needed to address the requirements of IDS and to assist system administrators in the detection of existing security violations. This research investigates pattern recognition approaches for anomaly detection for insider system operations based on the analysis of a system's log files. For anomaly detection, concurrent event-based and modified Hamming distance features are examined. These features are evaluated using two machine learning approaches: 1) standard back propagation neural networks and 2) fuzzy adaptive resonance theory. The system examined for this research is the Boots system, an internally developed system, for controlling the movement of boots from one place to another under specific security restrictions related to the boot orders. The results of this work apply to intrusion detection results for log data collected from the Boots system. The experimental results are presented and compared to a benchmark event windowing technique"--Abstract, leaf iii. |
|
