A Comprehensive Reasoning Framework for Information Survivability (User Intent Encapsulation and Reasoning About Intrusion: Implementation and Performance Assessment)

Abstract

This effort approaches the problem of user-level intrusion detection by investigating the design and implementation of a practical online user-level intrusion detection system. The outcome of this research is a Dynamic Reasoning based User Intent Driven (DRUID) intrusion detection system. Deployment-time issues such as usability and evasion need attention; otherwise the security system may be deployed but be either unusable or deliberately bypassed. A variation of sequential hypothesis testing is proposed to address these issues. Data plays a very important role in validating any newly proposed approach or model. Unfortunately, in the user-level intrusion detection domain, privacy concerns mean that too few datasets are available to the research community. This issue is addressed by devising a data generation algorithm called RACOON, based on a model used to profile users.

Document Details

Document Type: Technical Report
Publication Date: Aug 01, 2006
Accession Number: ADA457032

Entities

People

  • Shambhu Upadhyaya

Organizations

  • University at Buffalo

Tags

Communities of Interest

  • Cyber

DTIC Thesaurus Topics

  • Algorithms
  • C Programming Language
  • Cognitive Systems Engineering
  • Computer Programming
  • Computer Science
  • Computers
  • Cybersecurity
  • Detection
  • Detectors
  • Feature Extraction
  • Graphical User Interface
  • Intrusion Detection
  • Intrusion Detection Systems
  • Intrusion Detectors
  • Operating Systems
  • Supervised Machine Learning
  • Warning Systems

Fields of Study

  • Computer science

Readers

  • Cybersecurity
  • Parallel and Distributed Computing
  • Systems Analysis and Design