Parallel and distributed computing for cybersecurity

Research output: Contribution to journalArticlepeer-review

76 Scopus citations

Abstract

The Minnesota Intrusion Detection System (MINDS), a data mining based system, can detect sophisticated cyberattacks on large-scale networks using signature-based systems. At MINDS' core is a behavioral-anomaly detection module based on a novel data-driven technique for calculating the distance between points in high-dimensional space, enabling meaningful calculation of the similarity between records containing a mixture of categorical and numerical attitudes. MINDS uses the shared nearest neighbor clustering algorithm, which works particularly well when data is high-dimensional and noisy. Its ability to summarize large amounts of network traffic can be highly valuable for network security analysts who must deal with large amounts of data.

Original languageEnglish (US)
JournalIEEE Distributed Systems Online
Volume6
Issue number10
DOIs
StatePublished - Oct 2005

Bibliographical note

Funding Information:
This work is supported by ARDA grant AR/F30602-03-C-0243, NSF grants IIS-0308264 and ACI-0325949, and the US Army High Performance Computing Research Center under contract DAAD19-01-2-0014. The research reported in this article was performed in collaboration with Paul Dokas, Eric Eilertson, Levent Ertoz, Aleksandar Lazarevic, Michael Steinbach, George Simon, Mark Shaneck, Haiyang Liu, Jaideep Srivastava, Pang-Ning Tan, Varun Chandola, Yongdae Kim, Zhi-li Zhang, Sanjay Ranka, and Bob Grossman.

Fingerprint

Dive into the research topics of 'Parallel and distributed computing for cybersecurity'. Together they form a unique fingerprint.

Cite this