Journal ArticleDOI
A System for Denial-of-Service Attack Detection Based on Multivariate Correlation Analysis
Reads0
Chats0
TLDR
A DoS attack detection system that uses multivariate correlation analysis (MCA) for accurate network traffic characterization by extracting the geometrical correlations between network traffic features by learning the patterns of legitimate network traffic only is presented.Abstract:
Interconnected systems, such as Web servers, database servers, cloud computing servers and so on, are now under threads from network attackers. As one of most common and aggressive means, denial-of-service (DoS) attacks cause serious impact on these computing systems. In this paper, we present a DoS attack detection system that uses multivariate correlation analysis (MCA) for accurate network traffic characterization by extracting the geometrical correlations between network traffic features. Our MCA-based DoS attack detection system employs the principle of anomaly based detection in attack recognition. This makes our solution capable of detecting known and unknown DoS attacks effectively by learning the patterns of legitimate network traffic only. Furthermore, a triangle-area-based technique is proposed to enhance and to speed up the process of MCA. The effectiveness of our proposed detection system is evaluated using KDD Cup 99 data set, and the influences of both non-normalized data and normalized data on the performance of the proposed detection system are examined. The results show that our system outperforms two other previously developed state-of-the-art approaches in terms of detection accuracy.read more
Citations
More filters
Journal ArticleDOI
A survey of network anomaly detection techniques
TL;DR: This paper presents an in-depth analysis of four major categories of anomaly detection techniques which include classification, statistical, information theory and clustering and evaluates effectiveness of different categories of techniques.
Journal ArticleDOI
Survey of intrusion detection systems: techniques, datasets and challenges
TL;DR: A taxonomy of contemporary IDS is presented, a comprehensive review of notable recent works, and an overview of the datasets commonly used for evaluation purposes are presented, and evasion techniques used by attackers to avoid detection are presented.
Journal ArticleDOI
IoT Security Techniques Based on Machine Learning: How Do IoT Devices Use AI to Enhance Security?
TL;DR: The attack model for IoT systems is investigated, and the IoT security solutions based on machine-learning (ML) techniques including supervised learning, unsupervised learning, and reinforcement learning (RL) are reviewed.
Journal ArticleDOI
Machine Learning in IoT Security: Current Solutions and Future Challenges
TL;DR: This paper systematically review the security requirements, attack vectors, and the current security solutions for the IoT networks, and sheds light on the gaps in these security solutions that call for ML and DL approaches.
Journal ArticleDOI
A Two-Layer Dimension Reduction and Two-Tier Classification Model for Anomaly-Based Intrusion Detection in IoT Backbone Networks
TL;DR: A novel model for intrusion detection based on two-layer dimension reduction and two-tier classification module, designed to detect malicious activities such as User to Root (U2R) and Remote to Local (R2L) attacks is presented.
References
More filters
Proceedings Article
Snort - Lightweight Intrusion Detection for Networks
TL;DR: Snort provides a layer of defense which monitors network traffic for predefined suspicious activity or patterns, and alert system administrators when potential hostile traffic is detected.
Journal ArticleDOI
An Intrusion-Detection Model
TL;DR: A model of a real-time intrusion-detection expert system capable of detecting break-ins, penetrations, and other forms of computer abuse is described, based on the hypothesis that security violations can be detected by monitoring a system's audit records for abnormal patterns of system usage.
Proceedings ArticleDOI
A detailed analysis of the KDD CUP 99 data set
TL;DR: A new data set is proposed, NSL-KDD, which consists of selected records of the complete KDD data set and does not suffer from any of mentioned shortcomings.
Proceedings Article
Bro: a system for detecting network intruders in real-time
TL;DR: Bro as mentioned in this paper is a stand-alone system for detecting network intruders in real-time by passively monitoring a network link over which the intruder's traffic transits, which emphasizes high-speed (FDDI-rate) monitoring, realtime notification, clear separation between mechanism and policy and extensibility.
Related Papers (5)
A Survey of Data Mining and Machine Learning Methods for Cyber Security Intrusion Detection
Anna L. Buczak,Erhan Guven +1 more
UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set)
Nour Moustafa,Jill Slay +1 more