Distinguishing Novel Usage From Novel Attacks

Abstract

In this project, ATC-NY is developing methods for evaluating anomalous behavior concurrently with reacting to it. Anomalous events that are not so suspicious as to cause an immediate alarm are continually reexamined in the light of later events, with the goal of eventually understanding whether they are benign or malign. As time goes on, the IDS should become familiar with common attacks, even while it continually adapts to small changes in normal behavior. By focusing on the long-term problem (building up knowledge), the proposed IDS should become better over time at solving the short-term problem (detecting attacks).

Document Details

Document Type: Technical Report
Publication Date: Sep 01, 2006
Accession Number: ADA458982

Entities

People

  • Carla Marceau

Tags

Communities of Interest

  • Cyber
  • Materials and Manufacturing Processes

DTIC Thesaurus Topics

  • Abstracts
  • Anomaly Detection
  • Application Software
  • Change Detection
  • Computers
  • Cybersecurity
  • Detection
  • Electronic Commerce
  • Intrusion
  • Intrusion Detection
  • Intrusion Detection Systems
  • Intrusion Detectors
  • Kernels (Operating System)
  • Operating Systems
  • Security
  • Students
  • Warning Systems

Fields of Study

  • Computer science

Readers

  • Sensor Fusion and Tracking Systems
  • Strategic Security Studies
  • Systems Analysis and Design