Network Anomaly Detection by Using a Time-Decay Closed Frequent Pattern

Zhao, Ying; Chen, Junjun; Wu, Di; Teng, Jun; Sharma, Nabin; Sajjanhar, Atul; Blumenstein, Michael

doi:10.3390/info10080262

Cited by 3 publications

(2 citation statements)

References 28 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…When calculating the probability of an event occurring also the time is considered, and an alert is raised if an event is unlikely to have happened in a speci ic time. Zhao et al [15] exploited techniques to mine frequent patterns in network traf ic, and applied time-decay factors to differentiate between newer and older patterns. This strategy helps such IDSs to update its system baseline, making the IDS able to cope with the highly dynamic behavior of users.…”

Section: Statistics-based Idsmentioning

confidence: 99%

Intrusion detection systems for IoT: Opportunities and challenges offered by edge computing

Spadaccino¹,

Cuomo²

2022

ITU J-FET

View full text Add to dashboard Cite

Key components of current cybersecurity methods are the Intrusion Detection Systems (IDSs), where different techniques and architectures are applied to detect intrusions. IDSs can be based either on cross-checking monitored events with a database of known intrusion experiences, known as signature-based, or on learning the normal behavior of the system and reporting whether anomalous events occur, named anomaly-based. This work is dedicated to the application of IDS to the Internet of Things (IoT) networks, where also edge computing is used to support IDS implementation. Specific attention is given to IDSs which leverage device classification at the edge. New challenges that arise when deploying an IDS in an edge scenario are identified and remedies are proposed.

show abstract

Section: Statistics-based Idsmentioning

confidence: 99%

Intrusion detection systems for IoT: Opportunities and challenges offered by edge computing

Spadaccino¹,

Cuomo²

2022

ITU J-FET

View full text Add to dashboard Cite

show abstract

“…They used the Auto-Regressive (AR) process to model the data, and then performed a sequential hypothesis testing to determine the presence of an anomaly. Zhao et al [23] exploited techniques to mine frequent patterns in network traffic, and applied time-decay factors to differentiate between newer and older patterns. This strategy helps AIDS to update its system baseline, making the IDS to cope with highly dynamical behavior of users.…”

Section: ) Statistics-based Aidsmentioning

confidence: 99%

Intrusion Detection Systems for IoT: opportunities and challenges offered by Edge Computing and Machine Learning

Spadaccino¹,

Cuomo²

2020

Preprint

View full text Add to dashboard Cite

Key components of current cybersecurity methods are the Intrusion Detection Systems (IDSs) were different techniques and architectures are applied to detect intrusions. IDSs can be based either on cross-checking monitored events with a database of known intrusion experiences, known as signature-based, or on learning the normal behavior of the system and reporting whether some anomalous events occur, named anomaly-based. This work is dedicated to the application to the Internet of Things (IoT) network where edge computing is used to support the IDS implementation. New challenges that arise when deploying an IDS in an edge scenario are identified and remedies are proposed. We focus on anomaly-based IDSs, showing the main techniques that can be leveraged to detect anomalies and we present machine learning techniques and their application in the context of an IDS, describing the expected advantages and disadvantages that a specific technique could cause.

show abstract