Accession Number:

ADA422555

Title:

A Data Mining approach for building cost-sensitive and light intrusion detection models

Descriptive Note:

Final technical rept. Aug 2000-Aug 2003

Corporate Author:

NORTH CAROLINA STATE UNIV AT RALEIGH

Personal Author(s):

Report Date:

2004-03-01

Pagination or Media Count:

31.0

Abstract:

The report provides a summary of the intrusion detection research completed for this effort. The research studied how to build cost-sensitive and lightweight intrusion detection models. The main technical components of the research are: (1) Automatic feature construction by analyzing the patterns of normal and intrusion activities computed from large amounts of audit data. (2) Using cost-sensitive machine learning algorithms to construct intrusion detection models that achieve optimal performance on the given, often site-specific, cost metrics, cluster attack signatures and normal profiles, and accordingly construct one light model of each cluster to maximize the utility of each model. (3) Dynamic reconfiguration of the light models to make an IDS effective and efficient, and resilient to IDS-related attacks. Algorithms and prototype systems were developed, and extensive experiments using DARPA datasets and other real-world datasets were conducted. The results showed that the technologies developed in this project are more advanced and better than today's state-of-the-art.

Subject Categories:

  • Information Science
  • Miscellaneous Detection and Detectors

Distribution Statement:

APPROVED FOR PUBLIC RELEASE