東華大學圖書館 |

Language: English

Help

回圖書館首頁

手機版館藏查詢

Back

Switch To: Labeled | MARC Mode | ISBD

Data mining techniques for network s...

Simon, Gyorgy J.

Linked to FindBook

Google Book

Amazon

博客來

Data mining techniques for network scan detection.

Record Type:	Language materials, printed : Monograph/item
Title/Author:	Data mining techniques for network scan detection./
Author:	Simon, Gyorgy J.
Description:	157 p.
Notes:	Advisers: Vipin Kumar; Zhi-Li Zhang.
Contained By:	Dissertation Abstracts International69-02B.
Subject:	Computer Science. -
Online resource:	http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=3302318
ISBN:	9780549477372

Data mining techniques for network scan detection.
Simon, Gyorgy J.

Data mining techniques for network scan detection. - 157 p.

Advisers: Vipin Kumar; Zhi-Li Zhang.

Thesis (Ph.D.)--University of Minnesota, 2008.

Thirdly and lastly, we also propose a method for estimating the performance of the classifier (scan detector) when labeled data is unavailable.

ISBN: 9780549477372Subjects--Topical Terms:

626642
Computer Science.

Data mining techniques for network scan detection.
LDR:02704nam 2200313 a 45 001 963667
005 20110831
008 110831s2008 ||||||||||||||||| ||eng d
020 $a 9780549477372
035 $a (UMI)AAI3302318
035 $a AAI3302318
040 $a UMI $c UMI
100 1 $a Simon, Gyorgy J. $3 1286730
245 1 0 $a Data mining techniques for network scan detection.
300 $a 157 p.
500 $a Advisers: Vipin Kumar; Zhi-Li Zhang.
500 $a Source: Dissertation Abstracts International, Volume: 69-02, Section: B, page: 1118.
502 $a Thesis (Ph.D.)--University of Minnesota, 2008.
520 $a Thirdly and lastly, we also propose a method for estimating the performance of the classifier (scan detector) when labeled data is unavailable.
520 $a A precursor to many attacks on networks is often a reconnaissance operation, more commonly referred to as a scan. Despite the vast amount of attention focused on methods for scan detection, the state-of-the-art methods suffer from high rate of false alarms and low rate of scan detection.
520 $a In this thesis, we formalize the problem of scan detection as a data mining problem. We show how a network traffic data set can be converted into a data set that is appropriate for off-the-shelf classifiers. Our method successfully demonstrates that data mining models can encapsulate expert knowledge to create an adaptable algorithm that can substantially outperform state-of-the-art methods for scan detection in both coverage and precision. Specifically, we show that our method is capable of very early detection (in many cases, as early as the first connection attempt on the specific port) without significantly compromising the precision of the detection and is capable of distinguishing P2P and backscatter traffic from scanners.
520 $a Using off-the-shelf classifiers as scan detectors is very effective but it requires a training data set whose instances are labeled to indicate the correct class assignment. In rapidly changing fields, like computer network traffic analysis, the availability of up-to-date labeled data sets is very limited. This is primarily a consequence of the excessively high cost of an expert manually labeling these large data sets. In this research, we also propose a method, where labeling the data set is carried out in a semi-supervised manner with user-specified guarantees about the quality of the labeling.
590 $a School code: 0130.
650 4 $a Computer Science. $3 626642
690 $a 0984
710 2 $a University of Minnesota. $3 676231
773 0 $t Dissertation Abstracts International $g 69-02B.
790 $a 0130
790 1 0 $a Kumar, Vipin, $e advisor
790 1 0 $a Zhang, Zhi-Li, $e advisor
791 $a Ph.D.
792 $a 2008
856 4 0 $u http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=3302318