A Data Reduction Method for Intrusion Detection
Research output: Journal Publications and Reviews (RGC: 21, 22, 62) › 21_Publication in refereed journal › peer-review
Detail(s)
Original language | English |
---|---|
Pages (from-to) | 101-108 |
Journal / Publication | Journal of Systems and Software |
Volume | 33 |
Issue number | 1 |
Publication status | Published - Apr 1996 |
Externally published | Yes |
Abstract
This paper describes a technique for improving efficiency of data analysis involved in intrusion detection. Intrusion detection aims to detect security violations from abnormal patterns of system usage. It is required that user activities be monitored by the system and that monitoring data be analyzed to recognize behavior patterns of users. Multivariate data analysis may be used to achieve intrusion detection. Nevertheless, system monitoring typically records everything that each user performs in the system; hence, a massive volume of monitoring data is created. To allow analysis of monitoring data to be performed efficiently, it is essential to develop techniques that, without losing important information, reduce the amount of data to be processed. This paper presents a data reduction method that makes multivariate data analysis involved in intrusion detection more efficient. Our data reduction technique extracts, from the original data set, discriminating components that best characterize user behavior. This way, the amount of data to be processed by the multivariate data analysis module will be reduced substantially.
Citation Format(s)
A Data Reduction Method for Intrusion Detection. / Lam, Kwok-Yan; Hui, Lucas; Chung, Siu-Leung.
In: Journal of Systems and Software, Vol. 33, No. 1, 04.1996, p. 101-108.