Data mining-based intrusion detectors

Wu, Su-Yun; Yen, Ester

doi:10.1016/j.eswa.2008.06.138

Cited by 100 publications

(36 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…However, Hansen and Salamon [6] had proved that multi-classifiers will only work when it is possible to build individual classifiers which are more than 50% accurate.…”

Section: Discussionmentioning

confidence: 99%

“…By adopting an effective intrusion detection system (IDS) as 2 nd line of defence, the threat attacks can also be is eliminated before they get into the system [4]. Total cost of recovery from network epidemics like Nimda, Bagle, Code Red, SQL Slammer, and Mpvars attacks [6] are ginormous to the whole society. Especially in some circumstances, the accuracy of the classifiers is so crucial that a wrong prediction of attacks may result in extraordinarily high costs.…”

Section: Three-layer Hierarchy Ensemble Classifier Approachmentioning

confidence: 99%

“…The current classifying algorithms used in IDS are typically designed based on the naïve Bayesian method [6,7], support vector machine [8][9][10][11], particle swarm optimization [12,13], generic algorithm [14], neural networks [15][16][17][18], k-nearest neighbor (KNN) methods [19,20], fuzzy c-means (FCM) methods [21,22], Dempster-Shafer theory of evidence [23][24][25][26] or other decision-tree based ad-hoc methods [27]. However, the detection performance of the current IDS are generally sensitive to the mismatching between the training and test data; and they could perform very poorly in the case of slight deviation of intrusive data pattern from known patterns or of an unknown attack.…”

Section: Two-stage Fuzzy Knn-dst Classifier For Unknown Attacksmentioning

confidence: 99%

“…Basically, there are mainly two types of IDS techniques: anomaly detection [5] and misuse detection [6] techniques.…”

Section: General Approaches To Intrusion Detectionmentioning

confidence: 99%

“…It consists of a collection of processing units that are highly interconnected, and it also consists of one hidden layer like black box [5][6][7][8][9]. Tamura [10] stated that four-layered feedforward neural network with two hidden layers will reduce the hidden neurons to (N/2)+3 given N input-target relations exactly.…”

Section: Neural Networkmentioning

confidence: 99%

See 4 more Smart Citations

Innovative Two-Stage Fuzzy Classification for Unknown Intrusion Detection

Jing¹

View full text Add to dashboard Cite

show abstract

“…However, Hansen and Salamon [6] had proved that multi-classifiers will only work when it is possible to build individual classifiers which are more than 50% accurate.…”

Section: Discussionmentioning

confidence: 99%

Section: Three-layer Hierarchy Ensemble Classifier Approachmentioning

confidence: 99%

Section: Two-stage Fuzzy Knn-dst Classifier For Unknown Attacksmentioning

confidence: 99%

“…Basically, there are mainly two types of IDS techniques: anomaly detection [5] and misuse detection [6] techniques.…”

Section: General Approaches To Intrusion Detectionmentioning

confidence: 99%

Section: Neural Networkmentioning

confidence: 99%

See 3 more Smart Citations

Innovative Two-Stage Fuzzy Classification for Unknown Intrusion Detection

Jing¹

View full text Add to dashboard Cite

show abstract

Malicious node and malicious observer node detection system in MANETs

Devi

Devi²

2019

Concurrency and Computation

View full text Add to dashboard Cite

Summary Mobile ad‐hoc networks (MANETs) are generally organized without infrastructure. Hence, they are moderately defenseless to malicious active and passive attackers that target to damage and trace the data transmission direction. Therefore, the malicious node (MN) (active attacker) and malicious observer node (MON) (passive attacker) detection system (MODS) is an important challenge in MANETs. It is quite easy to observe a node that induces malicious activities in other nodes, but it is very difficult to identify a node that passively observes and misuses network data. In this work, we propose context‐free grammar (CFG) and Fibonacci‐Pascal triangle (FPT) methods are in MANETs. Here, the MODS used CFG and FPT methods. The CFG is used to isolate the MN, and FPT conceals the real information of the mobile nodes. The data path is protected from mobile MONs by sending a secret message to the destination. The significant application of this scheme is enhancing military security. The simulation results demonstrate that the dynamic estimation of the quality‐of‐service metrics improves the 45% throughput in the network.

show abstract

False alarm reduction in signature‐based IDS: game theory approach

Subba

Biswas

Karmakar

2016

Security Comm Networks

View full text Add to dashboard Cite

Signature‐based intrusion detection systems (IDSs) are employed to monitor computer networks for signs of network intrusions. However, they produce a large number of false positive alarms when operated with default settings without considering the underlying network environment. Inundation of false alarms is the Achilles heel of IDS technology, which could render the IDS ineffective in detecting network attacks. Several false alarm minimization approaches have been proposed in the literature. However, there are many drawbacks associated with these works, namely, modification of well‐established attack signatures; heavy dependence on the attack signatures' reference numbers, which might not always be available; and non‐consideration of the underlying network context information. In this paper, we propose an efficient game theory‐based false alarm minimization scheme for signature‐based IDS. The proposed scheme uses a game theory‐based correlation engine to correlate IDS alarms with network vulnerabilities to minimize the overall false positive alarm rate of the IDS. Experimental results and comparison analysis of the proposed false alarm minimization framework with other frameworks on the benchmark DARPA intrusion detection evaluation dataset and an in‐house IIT Guwahati Lab dataset show that the proposed scheme achieves the highest accuracy among all the frameworks under consideration without degrading the overall detection rate of the IDS. Copyright © 2016 John Wiley & Sons, Ltd.

show abstract

Data mining-based intrusion detectors

Cited by 100 publications

References 8 publications

Innovative Two-Stage Fuzzy Classification for Unknown Intrusion Detection

Innovative Two-Stage Fuzzy Classification for Unknown Intrusion Detection

Malicious node and malicious observer node detection system in MANETs

False alarm reduction in signature‐based IDS: game theory approach

Contact Info

Product

Resources

About