Visualization and Clustering for SNMP Intrusion Detection

Herrero, Álvaro; Corchado, Emilio

doi:10.1080/01969722.2013.803903

Cited by 24 publications

(15 citation statements)

References 27 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The obtained results vary from the different analyzed datasets and the behavior of the applied clustering techniques. These results are consistent with those previously obtained for other SNMP anomalous situations [6,7]. There is no distance criterion which shows the best results, hence its selection will depend on the analyzed data.…”

Section: Discussionsupporting

confidence: 94%

“…Based on successful results obtained by upgrading MOVICAB-IDS with clustering techniques to detect different attacks on packet-based data [6,7], present work focuses on flow-based data. Hence, present work proposes the combination of MOVICAB-IDS and different clustering techniques to analyze a database of flow-based attack situations, generated by the University of Twente [8].…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Clustering and Neural Visualization for Flow-Based Intrusion Detection

Herrero

Corchado

2015

Advances in Intelligent Systems and Computing

Self Cite

View full text Add to dashboard Cite

To secure a system, potential threats must be identified and therefore, attack features are understood and predicted. Present work aims at being one step towards the proposal of an Intrusion Detection System (IDS) that faces zero-day attacks. To do that, MObile VIsualisation Connectionist Agent-Based IDS (MOVICAB-IDS), previously proposed as a hybrid-intelligent visualization-based IDS, is being upgraded by adding clustering methods. To check the validity of the proposed clustering extension, it faces a realistic flow-based dataset in present paper. The analyzed data come from a honeypot directly connected to the Internet (thus ensuring attack-exposure) and is analyzed by clustering and neural tools, individually and in conjunction. Through the experimental stage, it is shown that the combination of clustering and neural projection improves the detection capability on a continuous network flow.

show abstract

Section: Discussionsupporting

confidence: 94%

Section: Introductionmentioning

confidence: 99%

Clustering and Neural Visualization for Flow-Based Intrusion Detection

Herrero

Corchado

2015

Advances in Intelligent Systems and Computing

Self Cite

View full text Add to dashboard Cite

show abstract

“…The obtained results vary from the different segments and the behaviour of the applied clustering techniques. These results are consistent with those previously obtained for packet-based data [6,7]. There is not a distance criterion which obtains the best results, hence its selection depends on the analysed data.…”

Section: Discussionsupporting

confidence: 91%

Clustering extension of MOVICAB-IDS to distinguish intrusions in flow-based data

Herrero

Corchado

2016

Logic Jnl IGPL

Self Cite

View full text Add to dashboard Cite

Much effort has been devoted to research on intrusion detection in recent years because intrusion strategies and technologies are constantly and quickly evolving. As an innovative solution based on visualization, MOVICAB-IDS was previously proposed, conceived as a hybrid-intelligent Intrusion Detection System. It was designed to analyse continuous network data at a packet level and is extended in present paper for the analysis of flow-based traffic data. By incorporating clustering techniques to the original proposal, network flows are investigated trying to identify different types of attacks. The analysed real-life data (the wellknown dataset from the University of Twente) come from a honeypot directly connected to the Internet (thus ensuring attack-exposure) and is analysed by means of clustering and neural techniques, individually and in conjunction. Promising results are obtained, proving the validity of the proposed extension for the analysis of network flow data.

show abstract

“…Those datasets have also been used in our study, as described further on in the article. In [29], clustering and visualization techniques have been combined to generate an automatic response to the previously developed MOVICAB-IDS system. The modified MOVICAB-IDS has been applied to the three datasets, to assess the improvement of the proposed approach.…”

Section: Literature Reviewmentioning

confidence: 99%

Intrusion Detection with Unsupervised Techniques for Network Management Protocols over Smart Grids

et al. 2020

Self Cite

View full text Add to dashboard Cite

The present research work focuses on overcoming cybersecurity problems in the Smart Grid. Smart Grids must have feasible data capture and communications infrastructure to be able to manage the huge amounts of data coming from sensors. To ensure the proper operation of next-generation electricity grids, the captured data must be reliable and protected against vulnerabilities and possible attacks. The contribution of this paper to the state of the art lies in the identification of cyberattacks that produce anomalous behaviour in network management protocols. A novel neural projectionist technique (Beta Hebbian Learning, BHL) has been employed to get a general visual representation of the traffic of a network, making it possible to identify any abnormal behaviours and patterns, indicative of a cyberattack. This novel approach has been validated on 3 different datasets, demonstrating the ability of BHL to detect different types of attacks, more effectively than other state-of-the-art methods.

show abstract

Visualization and Clustering for SNMP Intrusion Detection

Cited by 24 publications

References 27 publications

Clustering and Neural Visualization for Flow-Based Intrusion Detection

Clustering and Neural Visualization for Flow-Based Intrusion Detection

Clustering extension of MOVICAB-IDS to distinguish intrusions in flow-based data

Intrusion Detection with Unsupervised Techniques for Network Management Protocols over Smart Grids

Contact Info

Product

Resources

About