Machine Learning Techniques for Anomaly Detection in Computer Security
Terran Lane - Purdue University
Apr 07, 2000Size: 214.2MB
Download: MP4 Video
Watch in your Browser Watch on YouTube
AbstractWith the recent phenomenal growth of the availability and connectivity of computing resources and the advent of e-commerce, more valuable and private data is being stored online than ever before. But with greater value and availability comes greater threat. In this talk we examine the information security problem of anomaly detection --- recognizing the occurrence of ``out of the ordinary'' events which may prove to be hazardous. We evaluate this problem as a machine learning task and describe the application of two machine learning techniques: instance-based learning (IBL) and hidden Markov models (HMMs). This work focuses on anomaly detection at the user level (as opposed to the network or system call level), which introduces a number of interesting and complex issues from a machine learning standpoint. In particular, we explore privacy, resource constraints, non-stationarity (a.k.a. concept drift), and performance issues and give empirical analyses based on real user data. We close with some thoughts on extensions to this work and on other areas of application.
About the Speakergraduated from Ballard High School (Louisville, KY) in 1990 and entered the department of Electrical and Computer Engineering (then the department of Electrical Engineering) at Purdue University (West Lafayette, IN) in the fall of that year. I have been here ever since, attaining my bachelor\'s (BSCEE == Bachelor of Science in Computer and Electrical Engineering) in May of 1994. I immediately plunged into the PhD program, and am currently working toward that degree under the direction of Professor Carla Brodley.
Some notes on my Research are available.
The views, opinions and assumptions expressed in these videos are those of the presenter and do not necessarily reflect the official policy or position of CERIAS or Purdue University. All content included in these videos, are the property of Purdue University, the presenter and/or the presenter’s organization, and protected by U.S. and international copyright laws. The collection, arrangement and assembly of all content in these videos and on the hosting website exclusive property of Purdue University. You may not copy, reproduce, distribute, publish, display, perform, modify, create derivative works, transmit, or in any other way exploit any part of copyrighted material without permission from CERIAS, Purdue University.