Cyberattack triage using incremental clustering for intrusion detection systems

Authors: Sona Taheri, Adil M. Bagirov, Iqbal Gondal, Simon Brown

DOI: 10.1007/S10207-019-00478-3

Keywords:

Abstract: Intrusion detection systems (IDSs) are devices or software applications that monitor networks for malicious activities and signal alerts/alarms when such activity is discovered. However, an IDS may generate many false alerts, which affect its accuracy. In this paper, we develop a cyberattack triage algorithm to detect these false alerts (so-called outliers). The proposed algorithm is designed using clustering, optimization and distance-based approaches. An optimization-based incremental clustering algorithm is used to find clusters of different types of cyberattacks. Using a special procedure, the set of clusters is divided into two subsets: normal and stable clusters. Then, outliers are found using the average distance between centroids. The algorithm is evaluated on two well-known data sets, the Knowledge Discovery and Data Mining Cup 1999 and UNSW-NB15, and compared with some other existing algorithms. Results show that it has high accuracy and a very low false-negative rate.
