A Data Mining approach for building cost-sensitive and light intrusion detection models
Final technical rept. Aug 2000-Aug 2003
NORTH CAROLINA STATE UNIV AT RALEIGH
The report provides a summary of the intrusion detection research completed for this effort. The research studied how to build cost-sensitive and lightweight intrusion detection models. The main technical components of the research are: (1) Automatic feature construction by analyzing the patterns of normal and intrusion activities computed from large amounts of audit data. (2) Using cost-sensitive machine learning algorithms to construct intrusion detection models that achieve optimal performance on the given, often site-specific, cost metrics; clustering attack signatures and normal profiles and accordingly constructing one light model of each cluster to maximize the utility of each model. (3) Dynamic reconfiguration of the light models to make an IDS effective and efficient, and resilient to IDS-related attacks. Algorithms and prototype systems were developed, and extensive experiments using DARPA datasets and other real-world datasets were conducted. The results showed that the technologies developed in this project are more advanced and better than today's state-of-the-art.
- Information Science
- Miscellaneous Detection and Detectors