Intrusion detection with unlabeled data using clustering

Leonid Portnoy

Title:
Intrusion detection with unlabeled data using clustering
Author(s):
Portnoy, Leonid
Date:
Type:
Undergraduate theses
Department:
Computer Science
Permanent URL:
Notes:
Undergraduate thesis, Department of Computer Science, Columbia University, 2000.
Abstract:
Intrusions pose a serious security threat in a network environment, and therefore need to be promptly detected and dealt with. New intrusion types, of which detection systems may not even be aware, are the most difficult to detect. Current signature-based methods and learning algorithms which rely on labeled data to train generally cannot detect these new intrusions. We present a framework for automatically detecting intrusions, new or otherwise, even if they are yet unknown to the system. In our system, no manually or otherwise classified data is necessary for training. Our method is able to detect many different types of intrusions, while maintaining a low false positive rate.
Subject(s):
Computer science