Non-intrusive anomaly detection for encrypted networks

Author

Luis C. Armendariz Jr., West Virginia University

Semester

Spring

Date of Graduation

2014

Document Type

Thesis

Degree Type

MS

College

Statler College of Engineering and Mineral Resources

Department

Lane Department of Computer Science and Electrical Engineering

Committee Chair

Roy S. Nutter

Committee Co-Chair

Katerina D. Goseva-Popstojanova

Committee Member

Afzel Noore.

Abstract

The use of encryption is steadily increasing. Packet payloads that are encrypted are becoming increasingly difficult to analyze using IDSs. This investigation uses a new non-intrusive IDS approach to detect network intrusions using a K-Means clustering methodology. It was found that this approach was able to detect many intrusions for these datasets while maintaining the encrypted confidentiality of packet information. This work utilized the KDD '99 and NSL-KDD evaluation datasets for testing.

Recommended Citation

Armendariz Jr., Luis C., "Non-intrusive anomaly detection for encrypted networks" (2014). Graduate Theses, Dissertations, and Problem Reports. 111.
https://researchrepository.wvu.edu/etd/111