SciTech Connect

Title: In-situ trainable intrusion detection system

A computer-implemented method detects intrusions using a computer by analyzing network traffic. The method includes a semi-supervised learning module connected to a network node. The learning module uses labeled and unlabeled data to train a semi-supervised machine learning sensor. The method records events that include a feature set made up of unauthorized intrusions and benign computer requests. The method identifies at least some of the benign computer requests that occur during the recording of the events while treating the remainder of the data as unlabeled. The method trains the semi-supervised learning module at the network node in-situ, such that the semi-supervised learning modules may identify malicious traffic without relying on specific rules, signatures, or anomaly detection.
Authors:
; ; ;
Publication Date:
OSTI Identifier:
1332095
Report Number(s):
9,497,204
14/468,000
DOE Contract Number:
AC05-00OR22725
Resource Type:
Patent
Resource Relation:
Patent File Date: 2014 Aug 25
Research Org:
Oak Ridge National Laboratory (ORNL), Oak Ridge, TN (United States)
Sponsoring Org:
USDOE
Country of Publication:
United States
Language:
English
Subject:
97 MATHEMATICS AND COMPUTING; 99 GENERAL AND MISCELLANEOUS