Dissertation/Thesis Abstract

A new distributed framework for cyber attack detection and classification
by Gutta, Sandeep, M.S., Oklahoma State University, 2011, 86; 1506488
Abstract (Summary)

With the fast growing cyber activity day by day, the threat from cyber attacks has increased enormously. The timely detection of these cyber attacks has been a major concern to many governments and organizations all over the world. A number of cyber attack detection systems have been developed in the past decade. However, most of them tend to suffer from two main issues: high computational complexity and low detection accuracy. In this thesis, a new distributed framework is proposed for cyber attack detection. Besides detecting the attacks, the proposed system also classifies the attacks into different categories so that corresponding proper counteraction can be taken in time. The proposed system uses multiple sensors which are deployed at various parts of the network, thus providing a complete view of the network. The traditional centralized processing approach, in which all the sensors transmit their entire data to a central decision making unit, has high computational complexity and requires huge bandwidth. Hence, the proposed system employs distributed processing, where each sensor processes the observed data and generates a local decision. All the local decisions from all the sensors are then transmitted to the fusion center, which generates a final decision based on all the available local decisions. At each sensor, multiple supervised binary classifiers are employed. Support vector machines, which are one of the best, are used as the classifiers. A new fast and efficient training approach for support vector machines is proposed, which greatly reduces the computational complexity of training the support vector machines without significantly affecting the classification performance. Effective fusion rules, at each sensor and at the fusion center, are proposed using the Dempster-Shafer theory. The proposed cyber attack detection system is evaluated using the popular 1999 KDD intrusion detection dataset, which is a version of the 1998 DARPA intrusion detection evaluation program data.

Indexing (document details)
Advisor: Cheng, Qi
Commitee: Hagan, Martin T., Sheng, Weihua
School: Oklahoma State University
Department: Electrical Engineering
School Location: United States -- Oklahoma
Source: MAI 50/04M, Masters Abstracts International
Source Type: DISSERTATION
Subjects: Applied Mathematics, Statistics, Electrical engineering
Keywords: Cyber attack detection, Cyber attacks, Data fusion, Dempster-shafer theory, Distributed detection, Support vector machine
Publication Number: 1506488
ISBN: 9781267185211
Copyright © 2019 ProQuest LLC. All rights reserved. Terms and Conditions Privacy Policy Cookie Policy
ProQuest