yihua liao v rao vemuri
play

Yihua Liao, V. Rao Vemuri Mingxing Gong CISC850 Cyber Analytics - PowerPoint PPT Presentation

Dec 20, 2022 •254 likes •455 views

Use of K-Nearest Neighbor classifier for intrusion detection Yihua Liao, V. Rao Vemuri Mingxing Gong CISC850 Cyber Analytics Outline Introduction Methodology Experiments Discussion & Conclusion Outline Introduction

  1. Use of K-Nearest Neighbor classifier for intrusion detection Yihua Liao, V. Rao Vemuri Mingxing Gong CISC850 Cyber Analytics

  2. Outline • Introduction • Methodology • Experiments • Discussion & Conclusion

  3. Outline • Introduction • Methodology • Experiments • Discussion & Conclusion

  4. Introduction ▪ High false alarm probability or low attack detection accuracy ▪ Two general approaches: • Misuse detection • Anomaly detection ▪ Local ordering vs. frequency of system calls

  5. Nearest Neighbour Rule Consider a two class problem where each sample consists of two measurements ( x,y ). k = 1 Compute the k nearest neighbours and assign the class by majority vote. k = 3 Reference: www.robots.ox.ac.uk/~dclaus/cameraloc/samples/nearestneighbour.ppt

  6. Outline • Introduction • Methodology • Experiments • Discussion & Conclusion

  7. Methodology • Apply text categorization methods to intrusion detection

  8. Methodology • Each document is represented by a vector of words • Weighting approach tf·idf (term frequency – inverse document frequency) • The cosine similarity is defined as follows:

  9. Outline • Introduction • Methodology • Experiments • Discussion & Conclusion

  10. Experiments • DARPA data • Cross validation and 50 distinct system calls

  11. KNN classifier algorithm for anomaly detection

  12. KNN classifier performance

  13. Anomaly Detection • The overall running time of the kNN method is O(N) • Integrate with signature verification

  14. Frequency Weighting vs. tf·idf Weighting

  15. Frequency Weighting vs. tf·idf Weighting

  16. Outline • Introduction • Methodology • Experiments • Discussion & Conclusion

  17. Discussion • kNN Classifier advantages • Compared tf·idf weighting with the frequency weighting • Classification cost can be further reduced by only using most influential system calls

  18. Conclusion • kNN Classifier is able to effectively detect intrusive program behavior with low false positive rate • Further research is in process to investigate the reliability and scaling properties of the kNN classifier method

  19. Reference [1] www.robots.ox.ac.uk/~dclaus/cameraloc/samples/nearestneighbour.ppt [2] Yihua Liao, V. Rao Vemuri , ‘Use of K -Nearest Neighbor classifier for intrusion detection’, Computers & Security, Volume 21, Issue 5 , 1 October 2002, Pages 439-448

Recommend

A Novel Tensor Distribution Model for the Diffusion Weighted MR Signal Baba C. Vemuri UFRF

A Novel Tensor Distribution Model for the Diffusion Weighted MR Signal Baba C. Vemuri UFRF

Introduction Background Theory Results Conclusions A Novel Tensor Distribution Model for the Diffusion Weighted MR Signal Baba C. Vemuri UFRF Professor & Director Center for Vision, Graphics, and Medical Imaging Department of Computer

1.35k views • 101 slides
Throughput prediction based on mobile device context in Cellular Network Yihua (Ethan) Guo

Throughput prediction based on mobile device context in Cellular Network Yihua (Ethan) Guo

Throughput prediction based on mobile device context in Cellular Network Yihua (Ethan) Guo University of Michigan AIMS-5 2013 Background Prevalence of cellular networks Mobile Traffic is expected to grow rapidly in the near future

510 views • 18 slides
of Wear OS Xiao Zhu 1 Yihua Ethan Guo 2 Ashkan Nikravesh 1 Feng Qian 3 Z. Morley Mao 1 1 University

of Wear OS Xiao Zhu 1 Yihua Ethan Guo 2 Ashkan Nikravesh 1 Feng Qian 3 Z. Morley Mao 1 1 University

Understanding the Networking Performance of Wear OS Xiao Zhu 1 Yihua Ethan Guo 2 Ashkan Nikravesh 1 Feng Qian 3 Z. Morley Mao 1 1 University of Michigan 2 Uber Techologies Inc. 3 Univeristy of Minnesota 1 Wearable Networking Is Important

580 views • 28 slides
A Systematic Data Driven Comparison Xiaofeng Zhou, Xu Yihua, Brandon Suehs, Abraham Hartzema,

A Systematic Data Driven Comparison Xiaofeng Zhou, Xu Yihua, Brandon Suehs, Abraham Hartzema,

Observational Medical Outcomes Partnership and Mini-Sentinel Common Data Models and Analytics: A Systematic Data Driven Comparison Xiaofeng Zhou, Xu Yihua, Brandon Suehs, Abraham Hartzema, Michael Kahn, Yola Moride, Brian Sauer, Qing Liu,

244 views • 20 slides
MANDALA Team Edo Roth (Systems Architect) Harsha Vemuri (Tester) Kanika Verma (Manager)

MANDALA Team Edo Roth (Systems Architect) Harsha Vemuri (Tester) Kanika Verma (Manager)

MANDALA Team Edo Roth (Systems Architect) Harsha Vemuri (Tester) Kanika Verma (Manager) Samantha Wiener (Language Guru) Motivations Mandala is a geometric pattern Simple and intuitive code complex and accurate geometric designs

351 views • 10 slides
for HPC workloads Key Liao Center for HPC Shanghai Jiao Tong University Jan 9th, 2019 About Me

for HPC workloads Key Liao Center for HPC Shanghai Jiao Tong University Jan 9th, 2019 About Me

Benchmarking Huawei ARM Multi-Core Processors for HPC workloads Key Liao Center for HPC Shanghai Jiao Tong University Jan 9th, 2019 About Me Key Liao ( ) B.S. from Environment Science and Engineering, SJTU. HPC Engineer of Center

664 views • 21 slides
Simulating Soil Moisture Dynamics in NCEP Numerical Weather/Climate Prediction Models Yihua Wu 1 ,

Simulating Soil Moisture Dynamics in NCEP Numerical Weather/Climate Prediction Models Yihua Wu 1 ,

Simulating Soil Moisture Dynamics in NCEP Numerical Weather/Climate Prediction Models Yihua Wu 1 , Youlong Xia 1 , Helin Wei 1 & Jack Kain 2 1 IMSG at NOAA/NCEP/EMC, 2 NOAA/NCEP/EMC, 6/06/2018 MOISST2018, Lincoln, NE 1 Outline

646 views • 18 slides
SECOND LIFE WORK FLOW Tejeshwar Sangameswaran Ayu Nakaoka Sanjay Vemuri Keith Perkins OUTLINE The

SECOND LIFE WORK FLOW Tejeshwar Sangameswaran Ayu Nakaoka Sanjay Vemuri Keith Perkins OUTLINE The

SECOND LIFE WORK FLOW Tejeshwar Sangameswaran Ayu Nakaoka Sanjay Vemuri Keith Perkins OUTLINE The problem at hand Work previously done The solution Project status Pharmacy simulation Demo PROBLEM AT HAND Workflow is a sequence of

252 views • 12 slides
Hard Disk Reading Process Hard Disk Reading Process Becky Jaiven Becky Jaiven Dini Vemuri

Hard Disk Reading Process Hard Disk Reading Process Becky Jaiven Becky Jaiven Dini Vemuri

Hard Disk Reading Process Hard Disk Reading Process Becky Jaiven Becky Jaiven Dini Vemuri Vemuri Dini Jason Naso Naso Jason Gabi Nunes Nunes Gabi Reading Components Reading Components Modern disk drives typically consist of

234 views • 11 slides
Highway Networks and Residual Networks Renjie Liao University of Toronto Jan 26, 2016 Renjie

Highway Networks and Residual Networks Renjie Liao University of Toronto Jan 26, 2016 Renjie

Highway Networks and Residual Networks Renjie Liao University of Toronto Jan 26, 2016 Renjie Liao (UofT) Highway Networks and Residual Networks Jan 26, 2016 1 / 23 Neural Network A network connecting numerous neurons Renjie Liao (UofT)

685 views • 40 slides
Incremental Randomized Sketching for Online Kernel Learning Shizhong Liao Xiao Zhang College

Incremental Randomized Sketching for Online Kernel Learning Shizhong Liao Xiao Zhang College

Incremental Randomized Sketching for Online Kernel Learning Shizhong Liao Xiao Zhang College of Intelligence and Computing, Tianjin University szliao@tju.edu.cn June 13, 2019 Xiao Zhang Shizhong Liao (TJU) ICML 2019 June 13, 2019 1 / 11

246 views • 11 slides
Decentralized Prediction of End-to-End Network Performance Classes Yongjun Liao, Wei Du, Pierre

Decentralized Prediction of End-to-End Network Performance Classes Yongjun Liao, Wei Du, Pierre

Introduction Class-based Representation Matrix Completion Experiments and Evaluations Conclusions and Future Work Decentralized Prediction of End-to-End Network Performance Classes Yongjun Liao, Wei Du, Pierre Geurts, Guy Leduc Research Unit

899 views • 75 slides
? ? Dun-Hao Chang, Wen-Chieh Liao, Hsu Ma Division of Plastic Surgery, Department of Surgery,

? ? Dun-Hao Chang, Wen-Chieh Liao, Hsu Ma Division of Plastic Surgery, Department of Surgery,

Research of the Fate of Fat Graft ? ? Dun-Hao Chang, Wen-Chieh Liao, Hsu Ma Division of Plastic Surgery, Department of Surgery, Taipei Veterans General Hospital, Taiwan The authors have nothing to disclose for financial interest. Early

219 views • 10 slides
TOWARDS AN OPTIMAL SUBSPACE FOR K-MEANS ADVISOR: JIA-LING KOH SPEAKER: YIN-HSIANG LIAO

TOWARDS AN OPTIMAL SUBSPACE FOR K-MEANS ADVISOR: JIA-LING KOH SPEAKER: YIN-HSIANG LIAO

TOWARDS AN OPTIMAL SUBSPACE FOR K-MEANS ADVISOR: JIA-LING KOH SPEAKER: YIN-HSIANG LIAO 2018/01/30, FROM KDD 2017. Introduction Which Two attributes you will pick, If you what to show the clusters? Petal_length, Petal_width. Iris dataset 2

555 views • 32 slides
Counting defective interfering particles: Easy as 1, 2, 3, . . . ? Laura Liao 1 1 Department of

Counting defective interfering particles: Easy as 1, 2, 3, . . . ? Laura Liao 1 1 Department of

What is a DIP? Conventional DIP counting An alternative method Conclusions Counting defective interfering particles: Easy as 1, 2, 3, . . . ? Laura Liao 1 1 Department of (Viro) Physics, Ryerson University Supervisor: Prof. Catherine Beauchemin

310 views • 10 slides
Assessing the Similarity of Bio-analytical Methods (Linear Case) Jason Liao, Ph.D. Merck

Assessing the Similarity of Bio-analytical Methods (Linear Case) Jason Liao, Ph.D. Merck

Assessing the Similarity of Bio-analytical Methods (Linear Case) Jason Liao, Ph.D. Merck Research Laboratories Joint work with Yu Tian, Rong Liu, Robert Capen Non-Clinical Statistics Conference, 2008 Outline Introduction

361 views • 21 slides
Time-Synchronization in Mobile Sensor Networks from Difference Measurements Chenda Liao and

Time-Synchronization in Mobile Sensor Networks from Difference Measurements Chenda Liao and

Time-Synchronization in Mobile Sensor Networks from Difference Measurements Chenda Liao and Prabir Barooh Distributed Control System Lab Dept. of Mechanical and Aerospace Eng. University of Florida, Gainesville, FL 49th IEEE Conference on

560 views • 22 slides
Haojun Liao Jizhong Han Jinyun Fang {liaohaojun, hjz, fangjy}@ict.ac.cn 2010-7-15

Haojun Liao Jizhong Han Jinyun Fang {liaohaojun, hjz, fangjy}@ict.ac.cn 2010-7-15

Haojun Liao Jizhong Han Jinyun Fang {liaohaojun, hjz, fangjy}@ict.ac.cn 2010-7-15 Introduction Design Overview Implementation Details Performance Evaluation Conclusion & Future work Data Volume Data volumes

405 views • 29 slides
VACUUM AND PRESSURE BAGGINGS TO IMPROVE THE CFRP WRAPPINGS OF CONCRETE CYLINDERS W.C. Liao 1* , Y.

VACUUM AND PRESSURE BAGGINGS TO IMPROVE THE CFRP WRAPPINGS OF CONCRETE CYLINDERS W.C. Liao 1* , Y.

18 TH INTERNATIONAL CONFERENCE ON COMPOSITE MATERIALS VACUUM AND PRESSURE BAGGINGS TO IMPROVE THE CFRP WRAPPINGS OF CONCRETE CYLINDERS W.C. Liao 1* , Y. K. Chang 1 , W. T. Su 1 , M. D. Huang 2 1 Department of Civil Engineering, Feng Chia

100 views • 5 slides
Study of ' pp at BESIII Study of pp at BESIII Xiaotao LIAO Institute of

Study of ' pp at BESIII Study of pp at BESIII Xiaotao LIAO Institute of

Study of ' pp at BESIII Study of pp at BESIII Xiaotao LIAO Institute of High Energy Physics, Beijing (On behalf of the BESIII Collaboration) XIV International Conference on Hadron Spectroscopy XIV International

396 views • 23 slides
Inhomogeneous Diophantine approximation with general error functions Lingmin LIAO & Micha

Inhomogeneous Diophantine approximation with general error functions Lingmin LIAO & Micha

Inhomogeneous Diophantine approximation with general error functions Lingmin LIAO & Micha l RAMS Universit e Paris-Est Cr eteil Advances on fractals and related topics Chinese University of Hong Kong December 10th 2012 Lingmin

219 views • 9 slides
A Copy-Protection Technique with Multi-Level Error Coding Chen-Yin Liao, Jen-Wei Yeh and

A Copy-Protection Technique with Multi-Level Error Coding Chen-Yin Liao, Jen-Wei Yeh and

A Copy-Protection Technique with Multi-Level Error Coding Chen-Yin Liao, Jen-Wei Yeh and Ming-Seng Kao Department of Communication Engineering National Chiao-Tung University Hsinchu, Taiwan 1 Contents Introduction Coding scheme

423 views • 19 slides
Impact of NSI on sterile neutrino searches at IceCube Danny Marfatia with Jiajun Liao

Impact of NSI on sterile neutrino searches at IceCube Danny Marfatia with Jiajun Liao

Impact of NSI on sterile neutrino searches at IceCube Danny Marfatia with Jiajun Liao (1602.08766, PRL) LSND e Baseline: 30 m Maximum energy: 53 MeV m 2 1 eV 2 L/E 1 km / GeV = mass MiniBooNE

776 views • 21 slides
A BRIEF INTRODUCTION TO BLOCKCHAIN NANCY LIAO 05 JOHN R. RABEN/SULLIVAN & CROMWELL

A BRIEF INTRODUCTION TO BLOCKCHAIN NANCY LIAO 05 JOHN R. RABEN/SULLIVAN & CROMWELL

A BRIEF INTRODUCTION TO BLOCKCHAIN NANCY LIAO 05 JOHN R. RABEN/SULLIVAN & CROMWELL EXECUTIVE DIRECTOR YLS ASSOCIATE RESEARCH SCHOLAR IN LAW BLOCKCHAIN HAS MANY MEANINGS To understand the power of blockchain systems, and the

351 views • 11 slides

More recommend