
Repository :
E-Locus Institutional Repository




2008 (EN)

A statistical approach for intrusion detection

Σφακιανάκης, Ιωάννης

Στυλιανού, Ιωάννης

Since the Internet's growth, network security plays a vital role in the computer industry. Attacks are becoming much more sophisticated and this fact led the computer community to look for better and advanced anti-measures. Malicious users existed far before the Internet was created, however the Internet gave intruders a major boost towards their potential compromisations. Naturally, the Internet provides convenience and comfort to every user and "bad news" is merely an infelicity. Clearly the Internet is a step forward; it must be used for the correct reasons and towards the right cause, nevertheless. As computer technology becomes more elaborate and complex, programme vulnerabilities are more frequent and compromisations effortless. A means of attack containment are the so-called "Intrusion detection systems" (IDS). In this thesis we built a network anomaly IDS, using statistical properties from the network's traffic. We were interested in building a general purpose, adaptive and data independent system with as few parameters as possible. The types of attacks it can detect are Denial of Service attacks and probing attacks. We used three models for our experiments: Fisher's Linear Discriminant, Gaussian mixture model and Support vector machines. In our experiments we found that the most important part of statistical intrusion detection is the feature selection. Better results can be achieved when both classes are modeled (attack and normal traffic). Best results were achieved using Fisher's Linear Discriminant method, that is 90% detection rate with 5% false alarm rate. (EN)

text
Type of Work--Postgraduate specialization theses


English

2008-04-11


School/Department--School of Sciences and Engineering--Department of Computer Science--Postgraduate specialization theses



