Incremental Bayesian segmentation for intrusion detection

Hastings, Joseph R., 1980-

Author(s)

Hastings, Joseph R., 1980-

DownloadFull printable version (6.413Mb)

Other Contributors

Massachusetts Institute of Technology. Dept. of Electrical Engineering and Computer Science.

Advisor

Peter Szolovits.

Terms of use

M.I.T. theses are protected by copyright. They may be viewed from this source for any purpose, but reproduction or distribution in any format is prohibited without written permission. See provided URL for inquiries about permission. http://dspace.mit.edu/handle/1721.1/7582

Metadata

Show full item record

Abstract

This thesis describes an attempt to monitor patterns of system calls generated by a Unix host in order to detect potential intrusion attacks. Sequences of system calls generated by privileged processes are analyzed using incremental Bayesian segmentation in order to detect anomalous activity. Theoretical analysis of various aspects of the algorithm and empirical analysis of performance on synthetic data sets are used to tune the algorithm for use as an Intrusion Detection System.

Description

Thesis (M. Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, February 2004.

Includes bibliographical references (leaves 131-133).

Date issued

2004

URI

http://hdl.handle.net/1721.1/28399

Department

Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science

Publisher

Massachusetts Institute of Technology

Keywords

Electrical Engineering and Computer Science.

Collections

Graduate Theses