Identifying Significant Features for Network Forensic Analysis Using Artificial Intelligence Techniques.
作者: Andrew H. Sung , Srinivas Mukkamala
DOI:
关键词: Information infrastructure 、 Support vector machine 、 Machine learning 、 Artificial neural network 、 Artificial intelligence 、 Ranking 、 Data mining 、 Computer science 、 Information assurance 、 Network forensics 、 Feature selection 、 Security policy
摘要: Network forensics is the study of analyzing network activity in order to discover source security policy violations or information assurance breaches. Capturing for forensic analysis simple theory, but relatively trivial practice. Not all captured recorded will be useful analysis. Identifying key features that reveal deemed worthy further intelligent a problem great interest researchers field. The focus this paper use artificial techniques offline intrusion analysis, protect integrity and confidentiality infrastructure. An effective tool essential ensuring by updating newly identified breaches organizations protection detection mechanisms. Two are studied: Artificial Neural Networks (ANNs) Support Vector Machines (SVMs). We show SVMs superior ANNs three critical respects: 1. train, run an magnitude faster; 2. scale much better; 3. give higher classification accuracy. also address related issue ranking importance input features, which modeling. Since elimination insignificant and/or useless inputs leads simplification may allow faster more accurate detection, feature selection very important forensics. methods presented; first one independent modeling tool, while second method specific SVMs. two applied identify 1999 DARPA data. It shown produce results largely consistent.
参考文章(268)
H H Dayal, T Baranowski, Y H Li, R Morris, Hazardous chemicals: psychological dimensions of the health sequelae of a community exposure in Texas. Journal of Epidemiology and Community Health. ,vol. 48, pp. 560- 568 ,(1994) , 10.1136/JECH.48.6.560
D. W. Johnson, C. G. Kilsby, D. S. McKenna, R. W. Saunders, G. J. Jenkins, F. B. Smith, J. S. Foot, Airborne observations of the physical and chemical characteristics of the Kuwait oil smoke plume Nature. ,vol. 353, pp. 617- 621 ,(1991) , 10.1038/353617A0
Lawrence M. Schell, Environmental noise and human prenatal growth American Journal of Physical Anthropology. ,vol. 56, pp. 63- 70 ,(1981) , 10.1002/AJPA.1330560107
D. S. Rupa, P. P. Reddy, K. Sreemannarayana, O. S. Reddi, S. M. Galloway, Frequency of sister chromatid exchange in peripheral lymphocytes of male pesticide applicators. Environmental and Molecular Mutagenesis. ,vol. 18, pp. 136- 138 ,(1991) , 10.1002/EM.2850180209
F.N. Dulout, M.C. Pastori, O.A. Olivero, M. González Cid, D. Loria, E. Matos, N. Sobel, E.C. de Bujan, N. Albiano, Sister-chromatid exchanges and chromosomal aberrations in a population exposed to pesticides. Mutation Research Letters. ,vol. 143, pp. 237- 244 ,(1985) , 10.1016/0165-7992(85)90087-9
F. M. Sullivan, S. M. Barlow, Reproductive hazards of industrial chemicals ,(1982)
A L Richards, K C Hyams, D M Watts, P J Rozmajzl, J N Woody, B R Merrell, Respiratory disease among military personnel in Saudi Arabia during Operation Desert Shield. American Journal of Public Health. ,vol. 83, pp. 1326- 1329 ,(1993) , 10.2105/AJPH.83.9.1326
A. A. Amato, A. McVey, C. Cha, E. C. Matthews, C. E. Jackson, R. Kleingunther, L. Worley, E. Cornman, K. Kagan-Hallet, Evaluation of neuromuscular symptoms in veterans of the Persian Gulf War Neurology. ,vol. 48, pp. 4- 12 ,(1997) , 10.1212/WNL.48.1.4
Richard M. LoPachin, Ellen J. Lehning, Mechanism of calcium entry during axon injury and degeneration. Toxicology and Applied Pharmacology. ,vol. 143, pp. 233- 244 ,(1997) , 10.1006/TAAP.1997.8106
V.L. Katseni, B.K. Ryait, K. Ariyoshi, P.D. Bieniasz, J.N. Weber, D. Taylor-Robinson, C.B. Gilroy, D. Taylor-Robinson, Mycoplasma fermentans in individuals seropositive and seronegative for HIV-1 The Lancet. ,vol. 341, pp. 271- 273 ,(1993) , 10.1016/0140-6736(93)92617-3