Swarm-Based Knowledge Discovery for Intrusion Behavior Discovering

Authors: Xiaohui Cui, Justin Beaver, Thomas Potok

DOI: 10.1109/CYBERC.2010.56

Keywords: Security management; Intrusion detection system; Knowledge extraction; Data visualization; Visualization; Swarm behaviour; Pattern recognition (psychology); Artificial intelligence; Exploit; Machine learning; Computer science

Abstract: In this research, we developed a technique, the Swarm-based Visual Data Mining approach (SVDM), that helps the user gain insight into the Intrusion Detection System (IDS) alert event data stream, come up with new hypotheses, and verify those hypotheses through interaction between the human and the system. This novel malicious-behavior detection system can efficiently help the security officer detect anomalous behaviors in high-dimensional, time-dependent state spaces. The system's visual representations exploit the human being's innate ability to recognize patterns and help the security manager understand the relationships between seemingly discrete breaches.
