Machine Learning Project

Abstract

In this dissertation, we examine the machine learning issues raised by the domain of anomaly detection for computer security. The anomaly detection task is to recognize the presence of an unusual and potentially hazardous state within the activities of a computer user, system, or network. “Unusual” is defined with respect to some model of “normal” behavior which may be either hard-coded or learned from observation. We focus here on learning models of normalcy at the user behavioral level. [4] Marcus A. Maloof. Machine Learning and Data Mining Computer Security. Springer, 2005. Machine Learning and Data Mining for Computer Security provides an overview of the current state of research in machine learning and data mining as it applies to problems in computer security. This book has a strong focus on information processing and combines and extends results from computer security. The first part of the book surveys the data sources, the learning and mining methods, evaluation methodologies, and past work relevant for computer security. The second part