Archives and Documentation Center
Digital Archives

Maximum entropy estimated payload based intrusion detection system "the me-payl"

dc.contributor Graduate Program in Electrical and Electronic Engineering.
dc.contributor.advisor Anarım, Emin.
dc.contributor.author Erhan, Derya.
dc.date.accessioned 2023-03-16T10:16:55Z
dc.date.available 2023-03-16T10:16:55Z
dc.date.issued 2007.
dc.identifier.other EE 2007 E74
dc.identifier.uri http://digitalarchive.boun.edu.tr/handle/123456789/12692
dc.description.abstract Computer networks can be considered an important component of today’s human life. Since data and information of various organizations are transferred through private and public networks such as the global internet, special attention is being paid to the security parameters of these networks. In order to increase the security of these networks, tools such as firewalls and intrusion detection systems are used. The process of monitoring the events occurring in a computer system or network and analyzing them for signs of intrusion is known as an Intrusion Detection System. In this thesis, a payload-based intrusion detection system using the maximum entropy principle, the Me-PAYL, is proposed. The starting point is the PAYL method. A network anomaly detection technique that uses sniffed data of the network and is based on maximum entropy and relative entropy methods is developed. Advantages of the maximum entropy approach are combined with the PAYL model to obtain more efficiency. The proposed method, Me-PAYL, is tested with the DARPA 1999 Intrusion Detection Evaluation (IDEVAL) Dataset, which is the largest dataset available with whole payloads. When comparing the results of PAYL and Me-PAYL with tests on the IDEVAL dataset, it can be seen that the Me-PAYL method is much more efficient than the PAYL method.
dc.format.extent 30cm.
dc.publisher Thesis (M.S.)-Bogazici University. Institute for Graduate Studies in Science and Engineering, 2007.
dc.relation Includes appendices.
dc.subject.lcsh Computer security.
dc.subject.lcsh Computer networks -- Security measures.
dc.title Maximum entropy estimated payload based intrusion detection system "the me-payl"
dc.format.pages xv, 85 leaves;

