High Performance Data Mining for Network Intrusion Detection

J. Lee and M. Siddiqui (USA)

Keywords

Cluster computing, parallel processing, data mining, intrusion detection, network security

Abstract

Computer intrusion detection uses the audit data generated by computers to detect suspected intrusions as soon as possible, so that damage to the system can be reduced and appropriate action taken. There are two basic approaches: anomaly detection and misuse detection. Anomaly detection defines the correct behavior of the system and then detects abnormal behavior. Misuse detection characterizes known intrusion patterns, generates explicit rules to describe them, and then monitors for those patterns to indicate that an intrusion has occurred. However, these algorithms are computationally expensive, and the audit data are usually too large to be processed manually or to be searched heuristically for valuable information. We use a high performance data mining technique to discover hidden knowledge embedded in large volumes of data. We develop a parallel data mining model for intrusion detection using a parallel backpropagation neural network. We evaluate the performance of the developed model in terms of speedup, prediction rate, and false alarm rate. We also introduce the Computational Resiliency library (CRlib), a concurrent programming library we have been developing to implement the proposed high performance data mining algorithms.
