Title :
An application of machine learning to network intrusion detection
Author :
Sinclair, Chris ; Pierce, Lyn ; Matzner, Sara
Author_Institution :
Appl. Res. Lab., Texas Univ., Austin, TX, USA
Abstract :
Differentiating anomalous network activity from normal network traffic is difficult and tedious. A human analyst must search through vast amounts of data to find anomalous sequences of network connections. To support the analyst´s job, we built an application which enhances domain knowledge with machine learning techniques to create rules for an intrusion detection expert system. We employ genetic algorithms and decision trees to automatically generate rules for classifying network connections. This paper describes the machine learning methodology and the applications employing this methodology
Keywords :
computer network management; decision trees; expert systems; genetic algorithms; learning (artificial intelligence); security of data; telecommunication security; anomalous network activity; anomalous network connection sequences; automatic rule generation; decision trees; domain knowledge; genetic algorithms; intrusion detection expert system; machine learning; network connection classification; network intrusion detection; Application software; Artificial intelligence; Automation; Computer networks; Data analysis; Genetics; Intrusion detection; Laboratories; Machine learning; Telecommunication traffic;
Conference_Titel :
Computer Security Applications Conference, 1999. (ACSAC '99) Proceedings. 15th Annual
Conference_Location :
Phoenix, AZ
Print_ISBN :
0-7695-0346-2
DOI :
10.1109/CSAC.1999.816048
