Title :
Swarm-Based Knowledge Discovery for Intrusion Behavior Discovering
Author :
Cui, Xiaohui ; Beaver, Justin ; Potok, Thomas
Author_Institution :
Comput. Sci. & Eng. Div., Oak Ridge Nat. Lab., Oak Ridge, TN, USA
Abstract :
In this research, we developed a technique, the Swarm-based Visual Data Mining approach (SVDM), that helps users gain insight into the Intrusion Detection System (IDS) alert event data stream, formulate new hypotheses, and verify those hypotheses through interaction between the human and the system. This novel malicious user detection system can efficiently help security officers detect anomalous behaviors of malicious users in high-dimensional, time-dependent state spaces. The system's visual representations exploit the human being's innate ability to recognize patterns and use this ability to help security managers understand the relationships between seemingly discrete security breaches.
Keywords :
data mining; data visualisation; pattern recognition; security of data; IDS; SVDM; discrete security; event data stream; high dimensional time dependent state spaces; intrusion behavior discovering; intrusion detection system; malicious user detection system; pattern recognition; swarm-based knowledge discovery; swarm-based visual data mining approach; system visual representations; Data mining; Data visualization; History; Humans; IP networks; Security; Visualization; data mining; intrusion; swarm; visualization;
Conference_Title :
Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC), 2010 International Conference on
Conference_Location :
Huangshan
Print_ISBN :
978-1-4244-8434-8
Electronic_ISBN :
978-0-7695-4235-5
DOI :
10.1109/CyberC.2010.56