Unsupervised Anomaly Intrusion Detection via Localized Bayesian Feature Selection

Authors: Wentao Fan, Nizar Bouguila, Djemel Ziou

DOI: 10.1109/ICDM.2011.152

Keywords: Model selection, Artificial intelligence, Network security, Context (language use), Mixture model, Feature selection, Data mining, Unsupervised learning, Intrusion detection system, Computer science, Anomaly detection, Machine learning

Abstract: In recent years, an increasing number of security threats have brought a serious risk to the internet and computer networks. Intrusion Detection System (IDS) plays a vital role in detecting various kinds of attacks. Developing adaptive, flexible oriented IDSs remains a challenging and demanding task due to the incessant appearance of new types of attacks and sabotaging approaches. In this paper, we propose a novel unsupervised statistical approach for network based. In our approach, patterns of normal and intrusive activities are learned through finite generalized Dirichlet mixture models, in the context of Bayesian variational inference. Under the proposed framework, the parameters, the complexity of the model, and the features saliency can be estimated simultaneously, in closed-form. We evaluate it using the popular KDD CUP 1999 data set. Experimental results show that it is able to detect many different intrusions accurately with a low false positive rate.
