This is the HTML version of http://www.cs.wisc.edu/~nicholau/research/bioCVG/NNADSPres1.ppt.

 

Computer Account Hijacking Detection Using a Neural Network 

Nick Pongratz

Math 340

 

Neural Networks 
- Example Simple Network - 

[!] graphic taken from http://blizzard.gis.uiuc.edu/htmldocs/Neural/neural.html

 

Neural Networks 
- Backpropagation - 

[!] graphic taken from http://blizzard.gis.uiuc.edu/htmldocs/Neural/neural.html

 

Computer Security Introduction 

General computer use is skyrocketing.

Growing reliance on networks.

Greater need to “keep the bad guys out.”

 

Computer Security Introduction 

Reactive Security 

Proactive Security

 

Computer Security Introduction 
- Reactive Security - 

Break-in already occurred or is occurring. 

Minimize/repair damage already done. 

Patch the system against further similar attacks.

 

Computer Security Introduction 
- Reactive Security - 

Current applications: 
 
Most virus scanners 
Misuse detection 
Most Intrusion Detection Systems

 

Computer Security Introduction 
- Proactive Security - 

Strong passwords and correct permissions.

Secure software and operating systems.

Find system insecurities before bad guys do.

Physical security.

Self-adapting, smart systems.

 

Computer Security Introduction 
- Proactive Security - 

Current applications: 
 
Self-assessment 
Some virus scanners – heuristics 
Anomaly detection 

 

Intrusion Detection Systems 
- General Info - 

Most are reactive.

Detect strange behavior.

Analyze user I/O, network I/O, processes.

Look for misuse and anomalies. 

 

Intrusion Detection Systems 
- Misuse Detection - 

Compare activity with “signatures” of known attacks.

Signatures typically hand-coded.

Good for known attacks

Bad for previously unknown attacks 

 

Intrusion Detection Systems 
- Anomaly Detection - 

Compare activity with typical activity

“Fingerprints”

Adaptive

Good for detecting unusual behavior.

Not great for realtime monitoring.

 

MY PROJECT: 

Neural Network Anomaly Detection System

 

Neural Network Anomaly Detection System 

Currently analyses user behavior

Checks against fingerprints

Extendable

Adaptive

Semi-hybrid: Mostly reactive, has proactive elements 

 

Neural Network Anomaly Detection System 
- Neural Net Technical Details - 

Currently implemented in MATLAB.

Object-oriented.

Uses a feedforward backpropagation neural network.

Input: vector of command-use frequency.

Output: vector of true/false guesses of the corresponding users.
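
The input/output scheme on this slide, sketched as an added example in Python (not the author's MATLAB code): a feedforward net trained by backpropagation maps a command-use frequency vector to one output per user, and a session is flagged when the output for the logged-in account is low. The command set, account names, profiles, hidden-layer size, learning rate and 0.5 threshold are all assumptions made for illustration.

```python
import math, random

COMMANDS = ["ls", "cd", "vi", "gcc", "mail", "ssh"]   # constructed command set
USERS = ["alice", "bob", "carol"]                      # constructed accounts
# Constructed per-user "fingerprints": typical relative command frequencies.
PROFILES = {"alice": [.10, .10, .40, .30, .05, .05],
            "bob":   [.10, .05, .05, .00, .50, .30],
            "carol": [.45, .40, .05, .00, .05, .05]}

def sigmoid(x):
    return 1.0 / (1.0 + math.exp(-x))

def sample_session(user, rng, noise=0.05):
    """Noisy, renormalised command-frequency vector for one session."""
    v = [max(0.0, p + rng.uniform(-noise, noise)) for p in PROFILES[user]]
    return [x / sum(v) for x in v]

class Net:
    """Feedforward net with one hidden layer; last weight in each row is the bias."""
    def __init__(self, n_in, n_hid, n_out, rng):
        self.w1 = [[rng.uniform(-1, 1) for _ in range(n_in + 1)] for _ in range(n_hid)]
        self.w2 = [[rng.uniform(-1, 1) for _ in range(n_hid + 1)] for _ in range(n_out)]

    def forward(self, x):
        h = [sigmoid(sum(w * v for w, v in zip(row, x + [1.0]))) for row in self.w1]
        y = [sigmoid(sum(w * v for w, v in zip(row, h + [1.0]))) for row in self.w2]
        return h, y
    def train(self, x, target, lr=1.0):
        """One backpropagation step on squared error."""
        h, y = self.forward(x)
        d_out = [(t - o) * o * (1 - o) for t, o in zip(target, y)]
        d_hid = [hj * (1 - hj) * sum(d * row[j] for d, row in zip(d_out, self.w2))
                 for j, hj in enumerate(h)]   # uses w2 before it is updated
        for k, row in enumerate(self.w2):
            for j, v in enumerate(h + [1.0]):
                row[j] += lr * d_out[k] * v
        for j, row in enumerate(self.w1):
            for i, v in enumerate(x + [1.0]):
                row[i] += lr * d_hid[j] * v

def build_detector(seed=1, epochs=3000):
    rng = random.Random(seed)
    net = Net(len(COMMANDS), 6, len(USERS), rng)
    for _ in range(epochs):
        for i, u in enumerate(USERS):   # target: true for the owner, false otherwise
            net.train(sample_session(u, rng), [float(j == i) for j in range(len(USERS))])
    return net

def is_hijack_suspect(net, account, freq, threshold=0.5):
    """True when the net does not recognise `freq` as the logged-in account."""
    return net.forward(list(freq))[1][USERS.index(account)] < threshold
```

The training sessions here are generated from the constructed profiles; in a real deployment they would come from logged sessions known to be legitimate, which is the training-data constraint the deck lists among its cons.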

 

Neural Network Anomaly Detection System 
- System Details - 

 

Neural Network Anomaly Detection System 
- Pros and Cons - 

Pros: 
Accurate 
Extendable 
Adjusts

Cons: 
After-the-fact (not realtime) 
Training data MUST be legitimate 
Training can take a while 
One part of complete security system

 

Neural Network Anomaly Detection System 
- Future Directions - 

Extend to network communication.

Extend to running processes.

Include progression information in training.

Realtime (?)

Automated response (?)

 

Any Questions, Comments, Protests, a Summer Job For Me? 

Nick Pongratz 
njpongratz@students.wisc.edu

http://www.cs.wisc.edu/~nicholau/ 

Thank You!