Accession Number : AD1011870

Title : Thutmose - Investigation of Machine Learning-Based Intrusion Detection Systems

Descriptive Note : Technical Report, 01 Sep 2013, 01 Nov 2015

Corporate Author : BAE Systems Information and Security Rome United States

Personal Author(s) : Anania,Mark ; Corbin,George ; Kovacs,Matthew ; Nelson,Kevin ; Tobias,Jeremy

Report Date : 01 Jun 2016

Pagination or Media Count : 92

Abstract : In support of Air Force objectives to improve the Offensive and Defensive cyber-capabilities of the war fighter, this project endeavored to study learning systems researched and developed for cyber defense of network resources. Specifically, intrusion detection systems that were built with machine learning operations were studied to understand: the research behind the approach, the data they were designed to protect, the features processed, the algorithms used, and the degree to which they were resistant and resilient to experimentally induced adversarial data drift. The results of this work provide deep insight into the strengths and weaknesses of the studied learning systems while operating within an adversarial environment. This insight will enable the design and development of future machine learning-based intrusion detection systems (ML-IDS) to be more hardened and effective in defending our nation's networked resources. The experimentation results will aid in selecting or designing stronger algorithms, choosing better features, and more effectively monitoring resources. The toolset produced to run the experiments may be re-used and enhanced to make designing and testing of these future defenses faster and more effective.

Descriptors : INTRUSION DETECTION COMPUTERS, graphical user interface, computer programs, genetic algorithms, machine learning, COMPUTER NETWORK SECURITY, artificial neural networks

Distribution Statement : APPROVED FOR PUBLIC RELEASE