About Us Our Work Employment News & Events
MITRE Remote Access for MITRE Staff and Partners Site Map
Our Work
Overview
Mission Areas
Systems Engineering
Information Technology
MITRE Research Program
MITRE Federal Employee Fellowship Program
Technology Transfer Office
Technical Papers

Follow Us:
Visit MITRE on Facebook
Visit MITRE on Twitter
Visit MITRE on Linkedin
Visit MITRE on YouTube
View MITRE's RSS Feeds
View MITRE's Mobile Apps
Home > Our Work > Technical Papers >
Data Mining for Improving Intrusion Detection

December 2000

Dr. Eric Bloedorn, The MITRE Corporation

ABSTRACT

In this presentation I'll discuss our experiences in applying data mining techniques to improving intrusion detection for the MITRE network. MITRE has a large, distributed network that is hit with approximately 300 incidents per week. These incidents represent an even large number of raw sensor events that all need to be reviewed by human analysts. Our work in applying data mining to this task is primarily focused on reducing this burden on the human analysts. To do this we have worked on deriving useful features and on understanding how clustering, anomaly detection and classication can most effectively be used.

View/Download Document

Additional Search Keywords

N/A

 

 

Page last updated: December 28, 2001   |   Top of page

Homeland Security Center Center for Enterprise Modernization Command, Control, Communications and Intelligence Center Center for Advanced Aviation System Development

 
 
 

Solutions That Make a Difference.®
Copyright © 1997-2013, The MITRE Corporation. All rights reserved.
MITRE is a registered trademark of The MITRE Corporation.
Material on this site may be copied and distributed with permission only.
IDG's Computerworld Names MITRE a "Best Place to Work in IT" for Eighth Straight Year The Boston Globe Ranks MITRE Number 6 Top Place to Work Fast Company Names MITRE One of the "World's 50 Most Innovative Companies"
 

Privacy Policy | Contact Us