This paper introduces the Minnesota Intrusion Detection System (MINDS), which uses a suite of data mining techniques to automatically detect attacks against computer networks and systems. While the long-term objective of MINDS is to address all aspects of intrusion detection, this paper focuses on two specific contributions: an unsupervised anomaly detection technique that assigns a score to each network connection that reflects how anomalous the connection is, and an association pattern analysis based module that summarizes those network connections that are ranked highly anomalous by the anomaly detection module.
Did you find this white paper useful?
Related white papers
Balancing Security Against Productivity
What makes for great security? Is it about keeping the bad guys out or letting the good guys in? About defending attacks or preventing them? When IDG Research Services queried...
Secure Desktop On-Demand Webcast
The desktop or endpoint is one of the most vulnerable parts of your environment. Threats are everywhere. You have users who love to experiment with device settings (only to wonder...
Novell Zenworks Endpoint Security Management: Total Control from a Single Console
Still super gluing your USB ports shut? Unauthorized access to networks, lost or stolen laptops and other mobile hardware, and theft of proprietary information or intellectual property accounted for more...
Complexity versus Security: How to Strike a Balance and Maintain Your Sanity
Instead of buying expensive individual products that add complexity to an organization's security architecture, many small to medium businesses are now able to take a holistic approach to their needs....
Deep Packets: Application Layer Security Threats
Attackers have progressed from scanning network ports and creating denial-of-service attacks to targeting software such as Web browsers, Web servers, e-mail programs and even database servers. Viruses can sometimes go...
Free 30 Day Trial: Sophos Endpoint Security and Control
Sophos Endpoint Security makes it easy to secure your desktops, laptops, mobile devices and file servers from viruses, spyware, adware, potentially unwanted applications (PUAs), and hackers, so you no longer...
HOWTO: Writing Your Own GPS Applications: Part 2
There are several ways to distort a GPS satellite signal; some are corrected by the Department of Defense and others can be corrected in your GPS receiver using real-time ground...
