Workshop on Statistical and Machine
Learning Techniques in Computer
Intrusion Detection
Detecting Novel Network Intrusions in Audit Data
Ningning Wu, Jing Zhang
Abstract:
As new network attacks are emerging more frequently, the need for intrusion detection systems to detect novel attacks become pressing. This paper introduces several statistical- technique based anomaly detection algorithms that have been developed and tested on a network anomaly detection system Audit Data Analysis and Mining (ADAM). The algorithms have demonstrated strong potentials in detecting novel network intrusions in the audit data. Then the paper proposes a novel-attack detection module that integrates the three anomaly detection algorithms using a meta-learning algorithm, and presents some preliminary experiment results based on DARPA Intrusion Detection Evaluation data.