Date of Award

3-2002

Document Type

Thesis

Degree Name

Master of Science

Department

Department of Systems Engineering and Management

First Advisor

Alan R. Heminger, PhD

Abstract

Information systems are often inundated with thousands of attack alerts that must be sorted to distinguish novice hacker probes from genuine threats. Pattern classification can help filter relatively benign attacks from alerts generated by anomaly detectors, limiting the number of alerts requiring attention. This research investigates the feasibility of using pattern classification algorithms on network packet header information to classify network attacks. Both linear discrimination and radial basis function algorithms are trained using flood and scan attacks. The classifiers are then tested with unknown floods and scans to determine how well they categorize previously unseen attacks.

AFIT Designator

AFIT-GIR-ENV-02M-01

DTIC Accession Number

ADA400555
