Intrusion Detection at Packet Level by Unsupervised Architectures

Herrero, Álvaro; Corchado, Emilio; Gastaldo, Paolo; Leoncini, Davide; Picasso, Francesco; Zunino, Rodolfo

doi:10.1007/978-3-540-77226-2_72

Cited by 4 publications

(1 citation statement)

References 23 publications

(28 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…These events are characterized by different combinations of feature values, which increase dramatically with increase in number of features. Hence, we advocate unsupervised learning strategies -specifically, the Auto-Associative Back Propagation (AABP) neural network [10], which involves training with unlabeled data -as it is more suited for classification of anomalies based on their causes. The AABP neural network operates as a smart compression operator and enables a compact representation of multidimensional data into smaller dimensions (2D or 3D) so that anomalies can be grouped into numerous clusters based on their causes.…”

Section: Classification Of Anomaliesmentioning

confidence: 99%

Self-organizing sensing infrastructure for autonomic management of green datacenters

Viswanathan¹,

Lee²,

Pompili³

2011

IEEE Network

View full text Add to dashboard Cite

34 0890-8044/11/$25.00 © 2011 IEEE atacenters are a growing component of society's information technology (IT) infrastructure, enabling services related to health, banking, commerce, defense, education, and entertainment. Due to the rise in demand for computing and storage, energy consumption, heat generation, and cooling requirements of datacenters have become critical concerns in terms of both the growing operating costs as well as their environmental and societal impacts. It is predicted that datacenter energy consumption in the United States will reach 100 billion kWh/year by the end of 2011 with a corresponding energy bill of approximately $7.4 billion [1]. Impact on the environment and society may include increase in CO 2 emissions, overload of the electricity supply grid, and rising water usage for cooling leading to water scarcity. The scale and complexity of modern datacenters are growing at an alarming rate due to the rising popularity of the cloud computing paradigm as an effective means to cater to the aforementioned increase in demand [2]. Their management is rapidly exceeding human ability, making autonomic (self-configuration, self-optimization, self-healing, and self-protection) management approaches essential.From our feasibility study and proof-of-concept experiments on our testbed [3] at the National Science Foundation (NSF) Center for Autonomic Computing (CAC) -a multiinstitutional research center that comprises four university sites: the University of Florida, University of Arizona, Rutgers University, and Mississippi State University -we have inferred that one of the fundamental problems in existing datacenters is the local unevenness in heat generation and heat extraction rates. The former can be attributed to non-uniform distribution of workloads among servers and the heterogeneity of computing hardware, while the latter can be attributed to non-ideal air circulation, which depends on the layout of server racks inside the datacenter and on the placement of computer room air conditioning (CRAC) unit fans and air vents. The heat generation and extraction rates may differ, which over time causes what we call heat imbalance. A large negative heat imbalance at a particular region inside a datacenter will result in energy-inefficient overcooling and hence a significant decrease in temperature. Conversely, a large positive heat imbalance in a particular region will lead to a significant temperature rise, which may increase the risk of equipment overheating and hence the chances of server system failures due to operation in the unsafe temperature range [4]. Thus, thermal awareness, which is the knowledge of heat imbalance in different regions inside a datacenter, is essential to maximize energy and cooling efficiency as well as to minimize server system failure rates.Autonomic datacenter management, which includes thermal-and energy-aware resource provisioning, cooling system optimization, and anomaly detection, can help minimize both the impact on the environment and the total cost of ownership (...

show abstract

Section: Classification Of Anomaliesmentioning

confidence: 99%

Self-organizing sensing infrastructure for autonomic management of green datacenters

Viswanathan¹,

Lee²,

Pompili³

2011

IEEE Network

View full text Add to dashboard Cite

show abstract

nokLINK: A New Solution for Enterprise Security

Pedersoli

Cristiano

Proceedings of the International Workshop on Computational Intelligence in Security for Information Systems CISIS’08

View full text Add to dashboard Cite

Statistical Opportunities, Roles, and Challenges in Network Security

Wang

Statistical Techniques for Network Security

View full text Add to dashboard Cite

In this chapter, we will provide a brief overview of network security and introduce essential concepts of intrusion detection and prevention and review their basic principles and guidelines. Then, we will discuss statistical approaches in practice as well as statistical opportunities, roles, and challenges in network security. Network security has become a very popular topic. A simple Google search based on the keyword “network security” showed 2.2 million items on February 29, 2008. Network security aims to protect the entire infrastructure of a computer network and its corresponding services from unauthorized access. The two key elements of network security are risk assessment and risk management. There are several fundamental components in network security: (1) security-specific infrastructures, such as hardware- and software-based firewalls and physical security approaches, (2) security polices, which include security protocols, users’ authentications, authorizations, access controls, information integrity and confidentiality, (3) detection of malicious programs, including anti-viruses, worms, or Trojan horses, and spyware or malware, and (4) intrusion detection and prevention, which encompasses network traffic surveillance and analyzing and profiling user behavior. Since the topic of network security links a great number of research areas and disciplines, we will focus on the component of intrusion detection and prevention in this book. Readers who are interested in other components or want to gain more detailed information on the entire topic may refer to Smedinghoff (1996), Curtin (1997), Garfinkel and Spafford (1997), McClure, Scambray, and Kurtz, (1999), Strebe and Perkins (2000), Bishop (2003), Maiwald (2003), Stallings (2003), Lazarevic, Ertoz, Kumar, Ozgur, & Srivastava, (2003), Bragg, Rhodes-Ousley, Strassberg (2004), McNab (2007), and Dasarathy (2008). For wireless network security, Vacca (2006) provides an essential step-by-step guide that explains the wireless-specific security challenges and tasks, and for mobile phone related intrusion detection refer to Isohara, Takemori & Sasase (2008). Finally, for an overall introduction on network security, including key tools and technologies used to secure network access, refer to Network Security Principles and Practices by Malik (2003) and Network Security Fundamentals by Laet & Schauwers (2005).

show abstract

Intrusion Detection at Packet Level by Unsupervised Architectures

Cited by 4 publications

References 23 publications

Self-organizing sensing infrastructure for autonomic management of green datacenters

Self-organizing sensing infrastructure for autonomic management of green datacenters

nokLINK: A New Solution for Enterprise Security

Statistical Opportunities, Roles, and Challenges in Network Security

Contact Info

Product

Resources

About