Guozhu Dong (Advisor), Bin Wang (Committee Member), Junjie Zhang (Committee Member)
Master of Science in Cyber Security (M.S.C.S.)
In an earlier paper, a method called One-class Classification using Length statistics of (jumping) Emerging Patterns (OCLEP) was introduced for masquerader detection. Jumping emerging patterns (JEPs) for a test instance are minimal patterns that match the test instance but they do not match any normal instances. OCLEP was based on the observation that one needs long JEPs to differentiate an instance of one class from instances of the same class, but needs short JEPs to differentiate an instance of one class from instances of a different class. In this thesis, we present OCLEP+, One-class Classification using Length statistics of Emerging Patterns Plus by adding several new ideas to OCELP. OCLEP+ retains the one-class training feature of OCELP, hence it only requires the normal class data for training. Moreover, OCELP+ has the advantage of being not model or signature based, making it hard to evade. OCLEP+ uses only length statistics of JEPs, making it a robust method. Experiments show that OCELP+ is more accurate than OCLEP and one-class SVM, on the NSL-KDD datasets.
Department or Program
Department of Computer Science and Engineering
Year Degree Awarded
Copyright 2017, all rights reserved. My ETD will be available under the "Fair Use" terms of copyright law.