DocumentCode
2785697
Title
Swarm-Based Knowledge Discovery for Intrusion Behavior Discovering
Author
Cui, Xiaohui ; Beaver, Justin ; Potok, Thomas
Author_Institution
Comput. Sci. & Eng. Div., Oak Ridge Nat. Lab., Oak Ridge, TN, USA
fYear
2010
fDate
10-12 Oct. 2010
Firstpage
270
Lastpage
275
Abstract
In this research, we developed a technique, the Swarm-based Visual Data Mining approach (SVDM), that will help users gain insight into the Intrusion Detection System (IDS) alert event data stream, come up with new hypotheses, and verify the hypotheses via the interaction between the human and the system. This novel malicious user detection system can efficiently help security officers detect anomalous behaviors of malicious users in high-dimensional, time-dependent state spaces. This system's visual representations exploit the human being's innate ability to recognize patterns and utilize this ability to help security managers understand the relationships between seemingly discrete security breaches.
Keywords
data mining; data visualisation; pattern recognition; security of data; IDS; SVDM; discrete security; event data stream; high dimensional time dependent state spaces; intrusion behavior discovering; intrusion detection system; malicious user detection system; pattern recognition; swarm-based knowledge discovery; swarm-based visual data mining approach; system visual representations; Data mining; Data visualization; History; Humans; IP networks; Security; Visualization; data mining; intrusion; swarm; visualization;
fLanguage
English
Publisher
ieee
Conference_Titel
Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC), 2010 International Conference on
Conference_Location
Huangshan
Print_ISBN
978-1-4244-8434-8
Electronic_ISBN
978-0-7695-4235-5
Type
conf
DOI
10.1109/CyberC.2010.56
Filename
5617135