论文降重
免费查重- 钛学术文献服务平台 \
- 学术期刊 \
- 综合期刊 \
- 其它期刊 \
- 信息安全(英文)期刊 \
Data Stream Subspace Clustering for Anomalous Network Packet Detection
Data Stream Subspace Clustering for Anomalous Network Packet Detection
基本信息来源于合作网站,原文需代理用户跳转至来源网站获取
摘要:
As the Internet offers increased connectivity between human beings, it has fallen prey to malicious users who exploit its resources to gain illegal access to critical information. In an effort to protect computer networks from external attacks, two common types of Intrusion Detection Systems (IDSs) are often deployed. The first type is signature-based IDSs which can detect intrusions efficiently by scanning network packets and comparing them with human-generated signatures describing previously-observed attacks. The second type is anomaly-based IDSs able to detect new attacks through modeling normal network traffic without the need for a human expert. Despite this advantage, anomaly-based IDSs are limited by a high false-alarm rate and difficulty detecting network attacks attempting to blend in with normal traffic. In this study, we propose a StreamPreDeCon anomaly-based IDS. StreamPreDeCon is an extension of the preference subspace clustering algorithm PreDeCon designed to resolve some of the challenges associated with anomalous packet detection. Using network packets extracted from the first week of the DARPA '99 intrusion detection evaluation dataset combined with Generic Http, Shellcode and CLET attacks, our IDS achieved 94.4% sensitivity and 0.726% false positives in a best case scenario. To measure the overall effectiveness of the IDS, the average sensitivity and false positive rates were calculated for both the maximum sensitivity and the minimum false positive rate. With the maximum sensitivity, the IDS had 80% sensitivity and 9% false positives on average. The IDS also averaged 63% sensitivity with a 0.4% false positive rate when the minimal number of false positives is needed. These rates are an improvement on results found in a previous study as the sensitivity rate in general increased while the false positive rate decreased.
推荐文章
学前STREAM教育在中国:现状、问题及建议
STREAM教育
学前教育
学前STREAM教育
Assessment of trace metals contamination in stream sediments and soils in Abuja leather mining, sout
Trace metals
Stream sediments
Geoaccumulation index
PCA
Soil
Southwestern Nigeria
内容分析
关键词云
关键词热度
相关文献总数
(/次)
(/年)
文献信息
| 篇名 | Data Stream Subspace Clustering for Anomalous Network Packet Detection | ||
| 来源期刊 | 信息安全(英文) | 学科 | 医学 |
| 关键词 | ANOMALY DETECTION INTRUSION DETECTION System Network Security PREFERENCE SUBSPACE Clustering Stream Data Mining | ||
| 年,卷(期) | xxaqyw_2012,(3) | 所属期刊栏目 | |
| 研究方向 | 页码范围 | 215-223 | |
| 页数 | 9页 | 分类号 | R73 |
| 字数 | 语种 | ||
| DOI | |||
五维指标
引文网络
引文网络
二级参考文献 (0)
共引文献 (0)
参考文献 (0)
节点文献
引证文献 (0)
同被引文献 (0)
二级引证文献 (0)
2012(0)
- 参考文献(0)
- 二级参考文献(0)
- 引证文献(0)
- 二级引证文献(0)
研究主题发展历程
节点文献
ANOMALY
DETECTION
INTRUSION
DETECTION
System
Network
Security
PREFERENCE
SUBSPACE
Clustering
Stream
Data
Mining
研究起点
研究来源
研究分支
研究去脉
引文网络交叉学科
相关学者/机构
期刊影响力
信息安全(英文)
主办单位:
美国科研出版社
出版周期:
季刊
ISSN:
2153-1234
CN:
开本:
出版地:
武汉市江夏区汤逊湖北路38号光谷总部空间
邮发代号:
创刊时间:
语种:
出版文献量(篇)
230
总下载数(次)
0
期刊文献
相关文献
推荐文献
