Network Anomalies Detection Using Statistical Technique: A Chi-Square approach

Authors: Zubair Khan, M. H. Khan, Rahul Rastogi

Keywords: Anomaly (natural sciences), Intrusion detection system, Pattern matching, Anomaly detection, Network intrusion detection, Anomaly-based intrusion detection system, Chi-square test, Statistic, Data mining, Engineering

Abstract: Intrusion Detection System is used to detect suspicious activities one form of defense. However, the sheer size network logs makes human log analysis intractable. Furthermore, traditional intrusion detection methods based on pattern matching techniques cannot cope with need for faster speed manually update those patterns. Anomaly as a part system, which in turn use certain data mining techniques. Data can be applied possible intrusions. The foremost step application selection appropriate features from data. This paper aims build an that known and unknown automatically. Under framework, IDS are trained statistical algorithm, named Chi-Square statistics. study shows plan, implementation analyze these threats by using statistic technique, order prevent attacks make Network system (NIDS). proposed model anomaly-based see how effective this technique detecting
