Towards NIC-based intrusion detection

Otey, Matthew Eric; Parthasarathy, S.; Ghoting, Amol; Li, G.; Narravula, S.; Panda, D.K.

doi:10.1145/956750.956847

Cited by 29 publications

(4 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…To ensure that rules correspond to strong patterns the rules with low support values are pruned. An application of this technique for intrusion detection was used in ADAM system [30,31] and in [33] for intrusion detection embedded on the network interface card. LERAD method [34] generates association rules from data in the form P(notW|U), which is conditional probability of one subset of attributes taking on a particular set of values (denoted by notW) given that a disjoint subset of attributes takes on a particular set of values (denoted by U).…”

Section: Rule-based Methodsmentioning

confidence: 99%

Rule-based OneClass-DS learning algorithm

Nguyen

Cios

2015

Applied Soft Computing

View full text Add to dashboard Cite

a b s t r a c tOne-class learning algorithms are used in situations when training data are available only for one class, called target class. Data for other class(es), called outliers, are not available. One-class learning algorithms are used for detecting outliers, or novelty, in the data. The common approach in one-class learning is to use density estimation techniques or adapt standard classification algorithms to define a decision boundary that encompasses only the target data. In this paper, we introduce OneClass-DS learning algorithm that combines rule-based classification with greedy search algorithm based on density of features. Its performance is tested on 25 data sets and compared with eight other one-class algorithms; the results show that it performs on par with those algorithms.Published by Elsevier B.V.

show abstract

Section: Rule-based Methodsmentioning

confidence: 99%

Rule-based OneClass-DS learning algorithm

Nguyen

Cios

2015

Applied Soft Computing

View full text Add to dashboard Cite

show abstract

“…3) Clustering-based: These methods detect anomalies after clustering the samples. The samples not belonging to any cluster, the samples far from the cluster centers, and the samples in very sparse or small clusters [36,38] are treated as isolated anomalies, edge anomalies, and sparsely clustered anomalies, respectively. Yu et al [37] applied a wavelet transformation to the quantized feature space and found sample clusters in this space.…”

Section: ) Statistical Model-basedmentioning

confidence: 99%

Anomaly Detection Using Local Kernel Density Estimation and Context-Based Regression

Gao

et al. 2020

IEEE Trans. Knowl. Data Eng.

View full text Add to dashboard Cite

Current local density-based anomaly detection methods are limited in that the local density estimation and the neighborhood density estimation are not accurate enough for complex and large databases, and the detection performance depends on the size parameter of the neighborhood. In this paper, we propose a new kernel function to estimate samples' local densities and propose a weighted neighborhood density estimation to increase the robustness to changes in the neighborhood size. We further propose a local kernel regression estimator and a hierarchical strategy for combining information from the multiple scale neighborhoods to refine anomaly factors of samples. We apply our general anomaly detection method to image saliency detection by regarding salient pixels in objects as anomalies to the background regions. Local density estimation in the visual feature space and kernel-based saliency score propagation in the image enable the assignment of similar saliency values to homogenous object regions.Experimental results on several benchmark datasets demonstrate that our anomaly detection methods overall outperform several state-of-art anomaly detection methods. The effectiveness of our image saliency detection method is validated by comparison with several state-of-art saliency detection methods.

show abstract

“…Such approaches do not work well in even moderately high-dimensional (multivariate) spaces, and finding the right model is often a difficult task in its own right. Simplified probabilistic models suffer from a high false positive rate (Mahoney and Chan, 2002;Otey et al, 2003). Also, methods based on computational geometry (Johnson et al, 1998) do not scale well as the number of dimensions increase.…”

Section: Related Workmentioning

confidence: 99%

Fast Distributed Outlier Detection in Mixed-Attribute Data Sets

Otey

Ghoting

Parthasarathy

2006

Data Min Knowl Disc

195

127

View full text Add to dashboard Cite

Efficiently detecting outliers or anomalies is an important problem in many areas of science, medicine and information technology. Applications range from data cleaning to clinical diagnosis, from detecting anomalous defects in materials to fraud and intrusion detection. Over the past decade, researchers in data mining and statistics have addressed the problem of outlier detection using both parametric and non-parametric approaches in a centralized setting. However, there are still several challenges that must be addressed. First, most approaches to date have focused on detecting outliers in a continuous attribute space. However, almost all real-world data sets contain a mixture of categorical and continuous attributes. Categorical attributes are typically ignored or incorrectly modeled by existing approaches, resulting in a significant loss of information. Second, there have not been any general-purpose distributed outlier detection algorithms. Most distributed detection algorithms are designed with a specific domain (e.g. sensor networks) in mind. Third, the data sets being analyzed may be streaming or otherwise dynamic in nature. Such data sets are prone to concept drift, and models of the data must be dynamic as well. To address these challenges, we present a tunable algorithm for distributed outlier detection in dynamic mixed-attribute data sets.

show abstract

Towards NIC-based intrusion detection

Cited by 29 publications

References 17 publications

Rule-based OneClass-DS learning algorithm

Rule-based OneClass-DS learning algorithm

Anomaly Detection Using Local Kernel Density Estimation and Context-Based Regression

Fast Distributed Outlier Detection in Mixed-Attribute Data Sets

Contact Info

Product

Resources

About