
Institute for Security, Technology, and Society
Dartmouth College
6211 Sudikoff Laboratory
Hanover, NH 03755 USA
info.ists@dartmouth.edu
Data Mining for Detection of Network Intrusions
Project Summary
Data Mining for Intrusion Detection
- Stepping Stones: We have focused on applying data-mining techniques to one particular problem: detecting "stepping stones," that is, situations where someone is telnetting through a sequence of machines. The theory is that while some of these occurrences are innocent, hackers quite frequently use a series of stepping stones to reach their target, in order to minimize the chance that the intrusion can be traced to their home machine.
- Masqueraders: Using the recently published Bell-Labs benchmark data, in which real users' logs of UNIX commands were modified in a small number of places by inserting real logs from another user, Mr. Yung investigated the problem of detecting "masqueraders," where one user gets control of the account of another. Yung developed a technique that beats all of the techniques that have been proposed for the problem represented by this data. In particular, he gets significantly smaller false-positive rates for a fixed false-negative rate. The big idea is constant revision of what "normal" behavior for a user means, as more data is gathered and the user's behavior slowly evolves.
- Project Lead: Jeffrey Ullman (Stanford)
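
The "constant revision" idea from the masquerader item can be illustrated with a small self-updating command profile. This is an added example, not Mr. Yung's technique or code from the project. The smoothed frequency model, the 10-command blocks, the decay factor, the threshold and all command sequences are assumptions constructed for the illustration.

```python
import math
from collections import Counter

class UserProfile:
    """Smoothed command-frequency model of one user's 'normal' behaviour."""
    def __init__(self, vocab_size=50, alpha=0.01, decay=0.9):
        self.counts, self.total = Counter(), 0.0
        self.vocab_size, self.alpha, self.decay = vocab_size, alpha, decay

    def score(self, block):
        """Mean log-likelihood per command; lower means less like this user."""
        denom = self.total + self.alpha * self.vocab_size
        return sum(math.log((self.counts[c] + self.alpha) / denom)
                   for c in block) / len(block)

    def update(self, block):
        """Age the old evidence, then fold the new block into the profile."""
        for c in self.counts:
            self.counts[c] *= self.decay
        self.total = self.total * self.decay + len(block)
        self.counts.update(block)

def detect(train, test, threshold=-3.8, updating=True):
    """Return one alarm flag per test block (True = suspected masquerader)."""
    profile = UserProfile()
    for block in train:
        profile.update(block)
    alarms = []
    for block in test:
        alarm = profile.score(block) < threshold
        alarms.append(alarm)
        if updating and not alarm:      # never learn from a flagged block
            profile.update(block)
    return alarms

# Constructed data: the legitimate user slowly adopts "git"; one block
# (MASQ) is spliced in from a different, constructed user.
BASE = ["ls", "cd", "vi", "make", "ls", "cd", "vi", "make", "ls", "vi"]
MASQ = ["find", "tar", "scp", "ps", "find", "tar", "scp", "ps", "find", "tar"]

def drift(k):
    """BASE with its first k commands replaced by the newly adopted one."""
    return ["git"] * k + BASE[k:]

TRAIN = [BASE] * 5
TEST = [drift(k) for k in range(1, 6)] + [MASQ, drift(6)]

if __name__ == "__main__":
    print("frozen profile  :", detect(TRAIN, TEST, updating=False))
    print("updating profile:", detect(TRAIN, TEST, updating=True))
```

With the profile frozen after training, the user's own later blocks raise alarms as their habits drift. With updating, only the spliced-in block is flagged. Because unflagged blocks are folded into the profile, activity that stays just under the threshold is also learned as "normal," so the threshold and decay need to be chosen with that in mind.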