USMA Research Unit Affiliation

Systems Engineering

Date of Award

Spring 5-21-2005

Degree Type

Master of Science (MS)

Document Type

Master's Thesis

Department

Decision Sciences and Engineering Systems

Abstract

Information security is very important in today’s society. Computer intrusion is one type of security infraction that poses a threat to all of us. Almost every person in modern parts of the world depends upon automated information. Information systems deliver paychecks on time, manage taxes, transfer funds, deliver important information that enables decisions, and maintain situational awareness in many different ways. Interrupting, corrupting, or destroying this information is a real threat. Computer attackers, often posing as intruders masquerading as authentic users, are the nucleus of this threat. Preventive computer security measures are often not enough; digital firms need methods to detect attackers who have breached firewalls or other barriers. This thesis explores techniques to detect computer intruders based upon the UNIX command usage of authentic users compared against the command usage of attackers. The hypothesis is that the computing behavior of authentic users differs from the computing behavior of attackers. To explore this hypothesis, seven different variables that measure computing commands are created and used in predictive modeling to determine the presence or absence of an attacker. This is a classification problem that involves two known groups: intruders and non-intruders. Techniques explored include a proven algorithm published by Matthias Schonlau in [17] and several predictive model variations utilizing the aforementioned seven variables; predictive models include linear discriminant analysis, clustering, and kernel partial least squares learning machines.

USMA Research Goals Supported

Develop the Faculty Professionally, Address Important Issues Facing the Army and Nation

First Advisor

Mark J. Embrechts

Second Advisor

Boleslaw K. Szymanski

Publisher

Rensselaer Polytechnic Institute
