A UNIX Anomaly Detection System using Self-Organising Maps
The Structure of the Presentation
Introduction: Research Motivation. Why Intrusion Detection?
Definition: Intrusion
Some Types of Intrusions
How to Find Intruders?
Security System Components, Javitz (1992)
Our Objectives
The Anomaly Detection System
Data Gathering and Processing
Properties of the Self Organising Map
The Kohonen Self Organising Map (SOM)
The SOM Algorithm
User Behaviour Visualisation
Example: User 42
Analysis of Map for User 42
Feature Planes For SOM on slide 15
PPT Slide
Automatic Anomaly Detection
Example: Anomaly Report
The Visualisation Map of User 8
The Yesterday (Y1) Data for User 8
The Visualisation Map of User 48
The Yesterday (Y1) Data for User 48
An Interesting Example
Results
PPT Slide