東華大學圖書館 |

Language: English

Help

回圖書館首頁

手機版館藏查詢

Back

Switch To: Labeled | MARC Mode | ISBD

Application of a Novel Multiple Kern...

Fossaceca, John M.

Linked to FindBook

Google Book

Amazon

博客來

Application of a Novel Multiple Kernel Learning Framework for Improving the Robustness of Network Intrusion Detection.

Record Type:	Electronic resources : Monograph/item
Title/Author:	Application of a Novel Multiple Kernel Learning Framework for Improving the Robustness of Network Intrusion Detection./
Author:	Fossaceca, John M.
Description:	171 p.
Notes:	Source: Dissertation Abstracts International, Volume: 76-08(E), Section: B.
Contained By:	Dissertation Abstracts International76-08B(E).
Subject:	Systems science. -
Online resource:	http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=3687391
ISBN:	9781321649345

Application of a Novel Multiple Kernel Learning Framework for Improving the Robustness of Network Intrusion Detection.
Fossaceca, John M.

Application of a Novel Multiple Kernel Learning Framework for Improving the Robustness of Network Intrusion Detection. - 171 p.

Source: Dissertation Abstracts International, Volume: 76-08(E), Section: B.

Thesis (Ph.D.)--The George Washington University, 2015.

Current day Network Intrusion Detection Systems have several shortcomings such as high rates of false positive alerts, low detection rates of rare but dangerous attacks and the need for constant human intervention and tuning. Daily reports of incidents appear in public media including major ex-filtrations of data for the purposes of stealing identities, credit card numbers, and intellectual property as well as to take control of network resources. Methods used by attackers constantly change in order to defeat techniques employed by information technology (IT) teams intended to discover or block intrusions. "Zero Day" (i.e. previously unseen) attacks whose "signatures" are not yet in IT databases are continually being uncovered. Machine learning approaches have been widely used to increase the effectiveness of intrusion detection platforms. While some machine learning techniques are effective at detecting certain types of attacks, there are no known methods that can be applied universally and achieve consistent results for multiple attack types. Detection of cyber-based attacks on computer networks continues to be a relevant and challenging area of research.

ISBN: 9781321649345Subjects--Topical Terms:

3168411
Systems science.

Application of a Novel Multiple Kernel Learning Framework for Improving the Robustness of Network Intrusion Detection.
LDR:04397nmm a2200313 4500 001 2068718
005 20160428074934.5
008 170521s2015 ||||||||||||||||| ||eng d
020 $a 9781321649345
035 $a (MiAaPQ)AAI3687391
035 $a AAI3687391
040 $a MiAaPQ $c MiAaPQ
100 1 $a Fossaceca, John M. $3 3183680
245 1 0 $a Application of a Novel Multiple Kernel Learning Framework for Improving the Robustness of Network Intrusion Detection.
300 $a 171 p.
500 $a Source: Dissertation Abstracts International, Volume: 76-08(E), Section: B.
500 $a Advisers: Thomas A. Mazzuchi; Shahram Sarkani.
502 $a Thesis (Ph.D.)--The George Washington University, 2015.
520 $a Current day Network Intrusion Detection Systems have several shortcomings such as high rates of false positive alerts, low detection rates of rare but dangerous attacks and the need for constant human intervention and tuning. Daily reports of incidents appear in public media including major ex-filtrations of data for the purposes of stealing identities, credit card numbers, and intellectual property as well as to take control of network resources. Methods used by attackers constantly change in order to defeat techniques employed by information technology (IT) teams intended to discover or block intrusions. "Zero Day" (i.e. previously unseen) attacks whose "signatures" are not yet in IT databases are continually being uncovered. Machine learning approaches have been widely used to increase the effectiveness of intrusion detection platforms. While some machine learning techniques are effective at detecting certain types of attacks, there are no known methods that can be applied universally and achieve consistent results for multiple attack types. Detection of cyber-based attacks on computer networks continues to be a relevant and challenging area of research.
520 $a The focus of this research is on the development of a framework that combines the outputs of multiple learners in order to improve the efficacy of network intrusion detection. The approaches built into this framework are tested on a benchmark dataset that contains instances of normal network traffic and multiple classes of network attacks. The extreme learning machine (ELM) was chosen as the core algorithm due to recent research that suggests that ELMs are straightforward to implement, computationally efficient and have excellent learning performance characteristics on par with the Support Vector Machine (SVM), one of the most widely used and best performing machine learning platforms (Liu, X., Gao, C., & Li, P., 2012). A novel and flexible machine learning framework was constructed to test several new ensemble learning approaches including Online Multiple Kernel Classification ELM (OMKC-ELM), Multiple Boosting ELM (MB-ELM) and Multiple Adaptive Reduced Kernel ELM (MARK-ELM). These methods were tested on several machine learning datasets as well as the Knowledge Discovery and Data Mining Contest 1999 (KDD Cup 99) intrusion detection dataset. The results indicate that the proposed approaches used in framework perform well for the majority of UCI benchmark datasets and are scalable for processing larger datasets. In these experiments it was demonstrated that the ensemble methods MARK-ELM and OMKC-ELM achieve superior detection rates and lower false alarm rates than many other existing paradigms for classifying network intrusion detection data. The results of this research is of interest to Network Operators and cyber security researchers who are always seeking more robust approaches to Network Intrusion Detection and Prevention that have good detection capability along with low false positive rates and do not require a great deal of tuning or human intervention. The findings presented here may lead to methods to improve and augment existing Network Intrusion Detection, Prevention and Forensic Analysis systems. Finding innovative and advanced approaches for detection of cyber-based attacks on computer networks continues to be a relevant and challenging area of research.
590 $a School code: 0075.
650 4 $a Systems science. $3 3168411
650 4 $a Information science. $3 554358
650 4 $a Computer engineering. $3 621879
650 4 $a Computer science. $3 523869
690 $a 0790
690 $a 0723
690 $a 0464
690 $a 0984
710 2 $a The George Washington University. $b School of Engineering and Applied Science. $3 1020851
773 0 $t Dissertation Abstracts International $g 76-08B(E).
790 $a 0075
791 $a Ph.D.
792 $a 2015
793 $a English
856 4 0 $u http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=3687391