It is becoming increasingly important to detect intrusions with unknown patterns in order to protect our business from cyber terrorism threats. This paper introduces data mining technologies designed for this purpose: SmartSifter (outlier detection engine), ChangeFinder (change-point detection engine), and AccessTracer (anomalous behavior detection engine). All of them are able to learn statistical patterns of logs adaptively and to detect intrusions as statistical anomalies relative to the learned patterns. We briefly overview the principles of these engines and illustrate their applications to network intrusion detection, worm detection, and masquerader detection.
|Number of pages|7|
|Journal|NEC Journal of Advanced Technology|
|Publication status|Published - Dec 2005|
All Science Journal Classification (ASJC) codes
- Engineering (miscellaneous)
- Electrical and Electronic Engineering