Intrusion detection using MDL clustering

Bibliographic Details
Main Authors: STEINBRECHER ERIC, EVANS SCOTT CHARLES, SCHOLZ BERNHARD, MARKHAM THOMAS, DILL STEPHEN J, BARNETT BRUCE, YAN WEIZHONG, IMPSON JEREMY
Format: Patent
Language: English
Published: 11.08.2015
Summary: An intrusion detection method, system and computer-readable media are disclosed. The system can include a processor programmed to perform computer network intrusion detection. The intrusion detection can include an identification module and a detection module. The identification module can be adapted to perform semi-supervised machine learning to identify key components of a network attack and develop MDL models representing those attack components. The detection module can cluster the MDL models and use the clustered MDL models to classify network activity and detect polymorphic or zero-day attacks.
Bibliography: Application Number: US201113102899