With cyber activity growing rapidly day by day, the threat from cyber attacks has increased enormously. The timely detection of these attacks has been a major concern for many governments and organizations all over the world. A number of cyber attack detection systems have been developed in the past decade. However, most of them tend to suffer from two main issues: high computational complexity and low detection accuracy. In this thesis, a new distributed framework is proposed for cyber attack detection. Besides detecting the attacks, the proposed system also classifies them into different categories so that the corresponding counteraction can be taken in time. The proposed system uses multiple sensors deployed at various parts of the network, thus providing a complete view of the network. The traditional centralized processing approach, in which all the sensors transmit their entire data to a central decision-making unit, has high computational complexity and requires huge bandwidth. Hence, the proposed system employs distributed processing, where each sensor processes the data it observes and generates a local decision. The local decisions from all the sensors are then transmitted to the fusion center, which generates a final decision based on all the available local decisions. At each sensor, multiple supervised binary classifiers are employed. Support vector machines, which are among the best, are used as the classifiers. A new fast and efficient training approach for support vector machines is proposed, which greatly reduces the computational complexity of training without significantly affecting the classification performance. Effective fusion rules, at each sensor and at the fusion center, are proposed using the Dempster-Shafer theory.
The proposed cyber attack detection system is evaluated using the popular 1999 KDD intrusion detection dataset, which is a version of the 1998 DARPA intrusion detection evaluation program data.
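The fusion-center step described above can be illustrated with Dempster's rule of combination. This is an added example, not the thesis's own fusion rules or code: the five class names (the traffic categories labelled in KDD'99), the mapping of a classifier confidence to a simple-support mass function, and the sample sensor decisions are all assumptions made for illustration.

```python
from functools import reduce
from itertools import product

# Assumed frame of discernment: the traffic classes labelled in KDD'99.
FRAME = frozenset({"normal", "dos", "probe", "r2l", "u2r"})

def local_decision(label, confidence):
    """Map one sensor's output to a simple-support mass function: `confidence`
    on the predicted class, the remainder on the whole frame (ignorance)."""
    if label not in FRAME or not 0.0 <= confidence <= 1.0:
        raise ValueError(f"invalid local decision: {label!r}, {confidence!r}")
    masses = {frozenset({label}): confidence, FRAME: 1.0 - confidence}
    return {focal: m for focal, m in masses.items() if m > 0.0}

def combine(m1, m2):
    """Dempster's rule: multiply masses, keep non-empty intersections,
    and renormalise by the non-conflicting mass (1 - K)."""
    joint, conflict = {}, 0.0
    for (a, wa), (b, wb) in product(m1.items(), m2.items()):
        inter = a & b
        if inter:
            joint[inter] = joint.get(inter, 0.0) + wa * wb
        else:
            conflict += wa * wb          # mass assigned to the empty set
    if conflict >= 1.0 - 1e-12:
        # Sensors are certain and contradict each other: the rule is undefined.
        raise ValueError("total conflict between local decisions")
    return {focal: m / (1.0 - conflict) for focal, m in joint.items()}

def fuse(local_decisions):
    """Fusion center: combine all local decisions, return (class, beliefs)."""
    fused = reduce(combine, (local_decision(l, c) for l, c in local_decisions))
    # For singleton hypotheses, belief equals the mass on that singleton.
    beliefs = {c: fused.get(frozenset({c}), 0.0) for c in FRAME}
    return max(beliefs, key=beliefs.get), beliefs

if __name__ == "__main__":
    # Constructed sample: two sensors report DoS, one reports a probe.
    sensors = [("dos", 0.8), ("dos", 0.6), ("probe", 0.5)]
    label, beliefs = fuse(sensors)
    print(label, {c: round(b, 4) for c, b in sorted(beliefs.items())})
```

Only the (label, confidence) pairs cross the network in this sketch, which is the bandwidth saving the distributed design is after; the dissenting sensor lowers the fused belief in the majority class instead of being discarded.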
|Committee:||Hagan, Martin T., Sheng, Weihua|
|School:||Oklahoma State University|
|School Location:||United States -- Oklahoma|
|Source:||MAI 50/04M, Masters Abstracts International|
|Subjects:||Applied Mathematics, Statistics, Electrical engineering|
|Keywords:||Cyber attack detection, Cyber attacks, Data fusion, Dempster-Shafer theory, Distributed detection, Support vector machine|