Accession Number : AD1011870


Title :   Thutmose - Investigation of Machine Learning-Based Intrusion Detection Systems


Descriptive Note : Technical Report, 01 Sep 2013, 01 Nov 2015


Corporate Author : BAE Systems Information and Security Rome United States


Personal Author(s) : Anania, Mark ; Corbin, George ; Kovacs, Matthew ; Nelson, Kevin ; Tobias, Jeremy


Full Text : https://apps.dtic.mil/dtic/tr/fulltext/u2/1011870.pdf


Report Date : 01 Jun 2016


Pagination or Media Count : 92


Abstract : In support of Air Force objectives to improve the Offensive and Defensive cyber-capabilities of the war fighter, this project endeavored to study learning systems researched and developed for cyber defense of network resources. Specifically, intrusion detection systems that were built with machine learning operations were studied to understand: the research behind the approach, the data they were designed to protect, the features processed, the algorithms used and the degree to which they were resistant and resilient to experimentally induced adversarial data drift. The results of this work provide deep insight into the strengths and weaknesses of the studied learning systems while operating within an adversarial environment. This insight will enable the design and development of future machine learning-based intrusion detection systems (ML-IDS) to be more hardened and effective in defending our nation's networked resources. The experimentation results will aid in selecting or designing stronger algorithms, choosing better features, and more effectively monitoring resources. The toolset produced to run the experiments may be re-used and enhanced to make designing and testing of these future defenses faster and more effective.


Descriptors :   INTRUSION DETECTION COMPUTERS , graphical user interface , computer programs , genetic algorithms , machine learning , COMPUTER NETWORK SECURITY , artificial neural networks


Distribution Statement : APPROVED FOR PUBLIC RELEASE