Distributed Streams-Based Data-Mining for Application Intrusion Detection

Abstract

This investigation considered the challenge of real-time, distributed data mining across high-level TCP/IP protocols for application-layer intrusion detection. The approach taken was to focus on the fundamental challenges of: a) evaluating similarities between different application-level TCP/IP protocols, b) node-based header evaluation methods for HTTP, and c) a communication strategy to support aggregation and coordination. This streams-based approach to real-time data mining appears to be useful in many areas, including security monitoring, intrusion detection and sensor networks.

Document Details

Document Type
Technical Report
Publication Date
Jun 17, 2004
Accession Number
ADA424288

Entities

People

  • Kevin Yurica
  • Rahul Pande
  • Rajeev Motwani

Tags

Communities of Interest

  • Cyber
  • Materials and Manufacturing Processes

DTIC Thesaurus Topics

  • Application Protocols
  • Computer Programming
  • Computer Science
  • Computers
  • Computing System Architectures
  • Data Mining
  • Databases
  • Detection
  • Detectors
  • Intrusion
  • Intrusion Detection
  • Networks
  • Operating Systems
  • Performance Tests
  • Test And Evaluation
  • Transport Protocols
  • Web Service

Fields of Study

  • Computer science

Readers

  • Computer Networking
  • Neural Network Machine Learning
  • Systems Analysis and Design

Technology Areas

  • AI & ML