Triple Modular Redundancy Optimization for Threshold Determination in Intrusion Detection Systems

Authors: Milan Čabarkapa, Dragan Ranđelović, Milan Ranđelović, Vojkan Nikolić, Ivan Babić

DOI: 10.3390/SYM13040557

Abstract: This paper presents a novel approach for an Intrusion Detection System (IDS) based on one kind of asymmetric optimization which uses any three already well-known IDS algorithms and the Triple Modular Redundancy (TMR) algorithm together. Namely, a variable threshold that indicates an attack on the observed protected network is determined by using all values obtained with known, i.e., previously recorded, data and making a decision by majority. For these, the authors used k-nearest neighbors, the cumulative sum algorithm, and the exponentially weighted moving average. Using proposed method we can get that more precisely than in the case individual. Practically, TMR obtains dynamic adjustment of the software and reduces the existence of false alarms and undetected attacks, so the efficiency of such software is notably higher, with better results. Today, Denial of Service (DoS) attacks are the most present type, which is the reason special attention is paid to them in this paper. In addition, the CIC-DDoS2019 dataset contains various recordings of attacks. Obtained results solution showed characteristics each individual solution. worked timely, means were triggered properly efficiently.
