Department of Computer Science University of Colorado Boulder
Senior Project - SINBAD

 

Signature Based Anomaly Detection

Senior Project: 1998-1999
David Deniman, Paul Kaliszewski, Kelly Le, Jason Nix and Michael Walter
Business Recovery Services
Boulder, CO

Real-Time Intrusion Detection (RTID) systems attempt to determine when and how systems might be compromised by external attacks, for instance an unauthorized user obtaining the passwords of legitimate users and accessing confidential data. While there are a number of systems that detect possible attacks, they tend to generate many false positives, i.e. they report large numbers of incidents as possible attacks that, after analysis, turn out to be normal activity. Analyzing these incidents to determine whether they are indeed attacks is a very tedious and time-consuming task.

The goal of the project was to research the possibility of automating this process. The approach was to develop a system that profiled normal activity on a per-user basis and, with the use of a neural network, compared potential attacks to normal activity to determine whether the suspected attack was real or not.

 
May 5, 2012 (14:07)
 