Title: DETECTING INSIDER THREATS WITH MACHINE LEARNING ALGORITHMS
Author(s): Sule Simsek, R. Joe Stanley
ISBN: 978-972-8924-40-9
Editors: Jörg Roth, Jairo Gutiérrez and Ajith P. Abraham (series editors: Piet Kommers, Pedro Isaías and Nian-Shing Chen)
Year: 2007
Edition: Single
Keywords: Intrusion detection, distributed systems, classification, data streams mining.
Type: Short Paper
First Page: 150
Last Page: 154
Language: English
Paper Abstract:
Computer attacks are often caused by insider threats. Therefore, building computer systems that are less vulnerable to insider attacks becomes a crucial problem. In this paper, the machine learning program C4.5 and the rule-learning algorithm RIPPER were used for detecting insider threats. These techniques were applied to detect misuse intrusions in a distributed system. The patterns of system behavior and the set of related system features were used to learn classifiers that can recognize known intrusions. In this paper, the performances of these techniques were compared and presented.