An Application of Machine Learning to Anomaly Detection
Author
T. Lane and C. Brodley
Abstract
The anomaly detection problem has been widely studied in the computer security literature. In this paper we present a machine learning approach to anomaly detection. Our system builds user profiles based on command sequences and compares current input sequences to the profile using a similarity measure. The system must learn to classify current behavior as consistent or anomalous with past behavior using only positive examples of the account's valid user. Our empirical results demonstrate that this is a promising approach to distinguishing the legitamate user from an intruder
Date
1997 – February – 14
Affiliation
Purdue University
Publication Date
0000-00-00
Keywords
computer security, anomaly detection, machine learning
Location
A hard-copy of this is in the CERIAS Library
Subject
Computer security