This project, developing innovative adaptive machine learning algorithms for detecting network intrusions, especially anomaly detection, aims to increase the detection rate and speed of detection for dynamically changing data sets without recomputing the solutions from scratch. Instead, the existing solutions are utilized and updated with new data. By detecting more data in training without compromising data privacy, the algorithms are designed to increase the detection capability. The work addresses the following challenging aspects of machine learning based methods for network anomaly detection: (1) Development of Adaptive Machine Learning Algorithms, (2) Hierarchical Dimension Reduction and Clustering, and (3) Privacy Preserving Distributed Data Mining for Effective Utilization of Private Intrusion Detection Data Sets. The first, responding to the change of data over time, designs efficient algorithms to delete the influence of old data and incorporate the new data without recomputing the solution. The second, addressing the fact that data sets are typically intrinsically unbalanced when the problem is considered as a binary problem, further generalizes the cluster preserving dimension reduction methods to reflect the hierarchical cluster structure in dimension reduction. The third, responding to data privacy, designs machine learning based anomaly detection algorithms by integrating locally generated results into one integrated solution without revealing the critical information in each local data set, thereby preserving privacy.

Broader Impacts: The research produces methods that are likely to have great impact on a broad range of applications in very high-dimensional spaces. Their adaptability allows a significant reduction in computational complexity, substantially improving the possibility of detailed study of data that has been prohibitively expensive. Involving an HBCU institution in the area, this female faculty PI leads an effort to engage more women and minority students.

Agency: National Science Foundation (NSF)
Institute: Division of Computer and Network Systems (CNS)
Type: Standard Grant (Standard)
Application #: 0715342
Program Officer: Rita V. Rodriguez
Project Start:
Project End:
Budget Start: 2007-08-01
Budget End: 2009-07-31
Support Year:
Fiscal Year: 2007
Total Cost: $90,000
Indirect Cost:

Name: Georgia Tech Research Corporation
Department:
Type:
DUNS #:
City: Atlanta
State: GA
Country: United States
Zip Code: 30332