Visualizing the Inner Workings of a Self Learning Classifier: Improving the Usability of Intrusion Detection Systems

Part of the book series: Advances in Information Security (ADIS, volume 24)

6. Conclusions

We have developed a Markovian detector with chi-square testing and devised a method for visualizing the detector's learned features. As this display was too detailed to be useful in and of itself, we developed a method to visually abstract the features (in two steps) to give the user more of an overview of the data.

The resulting prototype, Chi2vis, was put to the test on two data sets: a more extensive one comprising one month's worth of web server logs from a fairly large web server, and a smaller one with publicly available system call trace data. The experiment demonstrated the ability of the detector to detect novel intrusions (i.e. variants of previously seen attempts), and the visualization proved helpful in letting the user differentiate between true and false alarms. The interactive feedback also made it possible for the user to retrain the detector until it performed as wanted.

Copyright information

© 2006 Springer Science+Business Media, Inc.

About this chapter

Cite this chapter

(2006). Visualizing the Inner Workings of a Self Learning Classifier: Improving the Usability of Intrusion Detection Systems. In: Understanding Intrusion Detection Through Visualization. Advances in Information Security, vol 24. Springer, Boston, MA. https://doi.org/10.1007/0-387-27636-X_6

  • DOI: https://doi.org/10.1007/0-387-27636-X_6

  • Publisher Name: Springer, Boston, MA

  • Print ISBN: 978-0-387-27634-2

  • Online ISBN: 978-0-387-27636-6

  • eBook Packages: Computer Science, Computer Science (R0)
