Context-based profiling for anomaly intrusion detection with diagnosis

Cited by: 0
Authors
Salem, Benferhat [1]
Karim, Tabia [1]
Affiliations
[1] Univ Artois, CNRS, CRIL, FRE2499, Rue Jean Souvraz SP 18, F-62307 Lens, France
Keywords
anomaly detection; diagnosis; traffic profiling;
DOI
10.1109/ARES.2008.150
Chinese Library Classification number
TP3 [Computing technology, computer technology];
Discipline classification code
0812;
Abstract
Anomaly detection approaches are generally efficient in detecting new attacks. However, they fail to provide any further information regarding the nature of attacks. The first contribution of this paper is to equip an anomaly detection approach with a diagnosis module that classifies anomaly approach outputs into one of the well-known attack categories. The second contribution concerns a context-based definition of normal network traffic profiles. We provide experimental studies showing, for instance, that considering a normal profile for each service provides better results than considering a unique global normal profile.
Pages: 618 / +
Number of pages: 2
Related papers
50 in total
  • [1] A context-based analysis of intrusion detection for policy violation
    Wan, Kaiyu
    Alagar, Vasu
    Yang, Zhong Yuan
    [J]. CIS: 2007 INTERNATIONAL CONFERENCE ON COMPUTATIONAL INTELLIGENCE AND SECURITY, PROCEEDINGS, 2007, : 692 - +
  • [2] A correlative context-based framework for network intrusion detection system
    Wang, Y
    Abdel-Wahab, H
    [J]. 10TH IEEE SYMPOSIUM ON COMPUTERS AND COMMUNICATIONS, PROCEEDINGS, 2005, : 463 - 468
  • [3] Context-based predictive diagnosis
    Brighenti, A.
    Brighenti, C.
    Ricatto, M.
    Quintabà, D.
    [J]. Hydrocarbon Engineering, 2022, 27 (02): : 65 - 74
  • [4] Anomaly Detection Using Local Kernel Density Estimation and Context-Based Regression
    Hu, Weiming
    Gao, Jun
    Li, Bing
    Wu, Ou
    Du, Junping
    Maybank, Stephen
    [J]. IEEE TRANSACTIONS ON KNOWLEDGE AND DATA ENGINEERING, 2020, 32 (02) : 218 - 233
  • [5] Anomaly detection based Intrusion Detection
    Novikov, Dima
    Yampolskiy, Roman V.
    Reznik, Leon
    [J]. THIRD INTERNATIONAL CONFERENCE ON INFORMATION TECHNOLOGY: NEW GENERATIONS, PROCEEDINGS, 2006, : 420 - +
  • [6] Profiling Network Traffic Behavior for the purpose of Anomaly-based Intrusion Detection
    Gill, Manmeet Singh
    Lindskog, Dale
    Zavarsky, Pavol
    [J]. 2018 17TH IEEE INTERNATIONAL CONFERENCE ON TRUST, SECURITY AND PRIVACY IN COMPUTING AND COMMUNICATIONS (IEEE TRUSTCOM) / 12TH IEEE INTERNATIONAL CONFERENCE ON BIG DATA SCIENCE AND ENGINEERING (IEEE BIGDATASE), 2018, : 885 - 890
  • [7] The Integrated Bayesian Framework based on graphics for behavior profiling of anomaly intrusion detection
    Cha, ByungRae
    [J]. Advances in Computational Methods in Sciences and Engineering 2005, Vols 4 A & 4 B, 2005, 4A-4B : 1790 - 1795
  • [8] Anomaly intrusion detection based on biometrics
    Ahmed, AAE
    Traore, I
    [J]. Proceedings from the Sixth Annual IEEE Systems, Man and Cybernetics Information Assurance Workshop, 2005, : 452 - 453
  • [9] Adaptive anomaly-based intrusion detection system using genetic algorithm and profiling
    Alves Resende, Paulo Angelo
    Drummond, Andre Costa
    [J]. SECURITY AND PRIVACY, 2018, 1 (04):
  • [10] Context-based Trajectory Descriptor for Human Activity Profiling
    Pereira, Eduardo M.
    Ciobanu, Lucian
    Cardoso, Jaime S.
    [J]. 2014 IEEE INTERNATIONAL CONFERENCE ON SYSTEMS, MAN AND CYBERNETICS (SMC), 2014, : 2385 - 2390