Anomaly Detection Using Gaussian Mixture Probability Model to Implement Intrusion Detection System

被引：8

作者：

Blanco, Roberto ^{[1
,2
]}

Malagon, Pedro ^{[1
,2
]}

Briongos, Samira ^{[1
,2
]}

Moya, Jose M. ^{[1
,2
]}

机构：

[1] LSI Univ Politecn Madrid, Madrid, Spain

[2] CCS Ctr Computat Simulat, Madrid, Spain

来源：

HYBRID ARTIFICIAL INTELLIGENT SYSTEMS, HAIS 2019 | 2019年 / 11734卷

关键词：

Intrusion Detection; Gaussian Mixture Model; Voting; MACHINE;

D O I：

10.1007/978-3-030-29859-3_55

中图分类号：

TP18 [人工智能理论];

学科分类号：

081104 ; 0812 ; 0835 ; 1405 ;

摘要：

Network intrusion detection systems (NIDS) detect attacks or anomalous network traffic patterns in order to avoid cybersecurity issues. Anomaly detection algorithms are used to identify unusual behavior or outliers in the network traffic in order to generate alarms. Traditionally, Gaussian Mixture Models (GMMs) have been used for probabilistic-based anomaly detection NIDS. We propose to use multiple simple GMMs to model each individual feature, and an asymmetric voting scheme that aggregates the individual anomaly detectors to provide. We test our approach using the NSL dataset. We construct the normal behavior models using only the samples labelled as normal in this dataset and evaluate our proposal using the official NSL testing set. As a result, we obtain a F1-score over 0.9, outperforming other supervised and unsupervised proposals.

引用

页码：648 / 659

页数：12

共 50 条

[1] Anomaly Intrusion Detection System Using Gaussian Mixture Model
Bahrololum, M.
Khaleghi, A.
[J]. THIRD 2008 INTERNATIONAL CONFERENCE ON CONVERGENCE AND HYBRID INFORMATION TECHNOLOGY, VOL 1, PROCEEDINGS, 2008, : 1162 - 1167
[2] Anomaly Intrusion Detection System Using Hierarchical Gaussian Mixture Model
Bahrololum, M.
Khaleghi, M.
[J]. INTERNATIONAL JOURNAL OF COMPUTER SCIENCE AND NETWORK SECURITY, 2008, 8 (08): : 264 - 271
[3] Anomaly Detection on Intrusion Detection System Using CLIQUE Partitioning
Nastaiinullah, N.
Adiwijaya
Kurniati, A. P.
[J]. 2014 2ND INTERNATIONAL CONFERENCE ON INFORMATION AND COMMUNICATION TECHNOLOGY (ICOICT), 2014,
[4] Network Anomaly Detection Using Federated Deep Autoencoding Gaussian Mixture Model
Chen, Yang
Zhang, Junzhe
Yeo, Chai Kiat
[J]. MACHINE LEARNING FOR NETWORKING (MLN 2019), 2020, 12081 : 1 - 14
[5] Misuse and Anomaly Intrusion Detection System using Ensemble Learning Model
Varal, Anuradha S.
Wagh, S. K.
[J]. 2018 INTERNATIONAL CONFERENCE ON RECENT INNOVATIONS IN ELECTRICAL, ELECTRONICS & COMMUNICATION ENGINEERING (ICRIEECE 2018), 2018, : 1722 - 1727
[6] Anomaly Intrusion Detection Using Incremental Learning of an Infinite Mixture Model with Feature Selection
Fan, Wentao
Bouguila, Nizar
Sallay, Hassen
[J]. ROUGH SETS AND KNOWLEDGE TECHNOLOGY: 8TH INTERNATIONAL CONFERENCE, 2013, 8171 : 364 - 373
[7] Anomaly Detection in Hyperspectral Imagery Based on Gaussian Mixture Model
Qu, Jiahui
Du, Qian
Li, Yunsong
Tian, Long
Xia, Haoming
[J]. IEEE TRANSACTIONS ON GEOSCIENCE AND REMOTE SENSING, 2021, 59 (11): : 9504 - 9517
[8] Intrusion Detection System (IDS): Anomaly Detection using Outlier Detection Approach
Jabez, J.
Muthukumar, B.
[J]. INTERNATIONAL CONFERENCE ON COMPUTER, COMMUNICATION AND CONVERGENCE (ICCC 2015), 2015, 48 : 338 - 346
[9] Network Anomaly Detection using Fuzzy Gaussian Mixture Models
Tran, Dat
Ma, Wanli
Sharma, Dharmendra
[J]. INTERNATIONAL JOURNAL OF FUTURE GENERATION COMMUNICATION AND NETWORKING, 2008, 1 (01): : 37 - 42
[10] Anomaly detection for time series using temporal convolutional networks and Gaussian mixture model
Liu, Jianwei
Zhu, Hongwei
Liu, Yongxia
Wu, Haobo
Lan, Yunsheng
Zhang, Xinyu
[J]. 2018 INTERNATIONAL SYMPOSIUM ON POWER ELECTRONICS AND CONTROL ENGINEERING (ISPECE 2018), 2019, 1187

← 1 2 3 4 5 →