Author Archive for Michal Piekarczyk

Learning Program Behavior Profiles for Intrusion Detection

Here’s a presentation, “Learning Program Behavior Profiles for Intrusion Detection”, intended to cover a few neural network approaches to the problem of detecting anomalous behavior in a network setting. The material is taken from a 1999 paper of the same name as this post, by Anup Ghosh, Aaron Schwartzbard, et al. from Reliable Software Technologies Corp., under Usenix. The truth is that there are many alternative machine learning approaches, alive and well and not covered in this paper, that have more mathematically dependable results, while neural nets work almost magically, without too many people understanding why and without sufficient proofs. However, I think there is still value in understanding older methods, even though a decade has been enough to cover the nets in dust. Another point is that although this group presents well-above-average results in its paper, which demonstrate that the method can be used for less critical networks, those results are not acceptable for companies and organizations that don’t have room for errors.

The original paper can be found listed under Usenix.