An auto-learning approach for network intrusion detection

Cited by: 6
Authors
Boulaiche, Ammar [1 ,2 ]
Adi, Kamel [2 ]
Affiliations
[1] Univ Bejaia, Dept Comp Sci, Bejaia 06000, Algeria
[2] Univ Quebec Outaouais, Comp Secur Res Lab, Quebec City, PQ, Canada
Keywords
Intrusion detection; Honeypots; Fuzzy hashing; DARPA'99 dataset; UNSW-NB15 dataset; LONGEST COMMON SUBSEQUENCE; SIGNATURES; GENERATION; SET;
DOI
10.1007/s11235-017-0395-z
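Chinese Library Classification number
TN [Electronic technology, communication technology];
Discipline classification code
0809 ;
Abstract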
In this paper, we propose a novel intrusion detection technique with a fully automatic attack signatures generation capability. The proposed approach exploits a honeypot traffic data analysis to build an attack scenarios database, used to detect potential intrusions. Furthermore, for an effective and efficient intrusion detection mechanism, we introduce several new or adapted algorithms for signature generation, signature comparison, etc. Finally, we use DARPA'99 and UNSW-NB15 traffic to evaluate the proposed approach. The results indicate that the generated attack signatures are of high quality with low rates of false negatives and false positives.
Pages: 277 - 294
Number of pages: 18
Related papers
50 in total
  • [1] An auto-learning approach for network intrusion detection
    Ammar Boulaiche
    Kamel Adi
    Telecommunication Systems, 2018, 68 : 277 - 294
  • [2] Network intrusion detection system: A machine learning approach
    Panda, Mrutyunjaya
    Abraham, Ajith
    Das, Swagatam
    Patra, Manas Ranjan
    INTELLIGENT DECISION TECHNOLOGIES-NETHERLANDS, 2011, 5 (04): : 347 - 356
  • [3] A Grassmannian Approach to Zero-Shot Learning for Network Intrusion Detection
    Rivero, Jorge
    Ribeiro, Bernardete
    Chen, Ning
    Leite, Fatima Silva
    NEURAL INFORMATION PROCESSING, ICONIP 2017, PT I, 2017, 10634 : 565 - 575
  • [4] A PSO-Based approach to rule learning in network intrusion detection
    Chen, Guolong
    Chen, Qingliang
    Guo, Wenzhong
    FUZZY INFORMATION AND ENGINEERING, PROCEEDINGS, 2007, 40 : 666 - +
  • [5] Deep Learning Approach for Network Intrusion Detection in Software Defined Networking
    Tang, Tuan A.
    Mhamdi, Lotfi
    McLernon, Des
    Zaidi, Syed Ali Raza
    Ghogho, Mounir
    2016 INTERNATIONAL CONFERENCE ON WIRELESS NETWORKS AND MOBILE COMMUNICATIONS (WINCOM), 2016, : P258 - P263
  • [6] A Continuous Learning Approach for Real-Time Network Intrusion Detection
    Martina, Marcello Rinaldo
    Foresti, Gian Luca
    INTERNATIONAL JOURNAL OF NEURAL SYSTEMS, 2021, 31 (12)
  • [7] Intrusion Detection in Software Defined Network Using Deep Learning Approach
    Susilo, Bambang
    Sari, Riri Fitri
    2021 IEEE 11TH ANNUAL COMPUTING AND COMMUNICATION WORKSHOP AND CONFERENCE (CCWC), 2021, : 807 - 812
  • [8] Auto-Updating Intrusion Detection System for Vehicular Network: A Deep Learning Approach Based on Cloud-Edge-Vehicle Collaboration
    Fan, Chunyang
    Cui, Jie
    Jin, Hulin
    Zhong, Hong
    Bolodurina, Irina
    He, Debiao
    IEEE TRANSACTIONS ON VEHICULAR TECHNOLOGY, 2024, 73 (10) : 15372 - 15384
  • [9] ZeekFlow: Deep Learning-Based Network Intrusion Detection a Multimodal Approach
    Giagkos, Dimitrios
    Kompougias, Orestis
    Litke, Antonis
    Papadakis, Nikolaos
    COMPUTER SECURITY. ESORICS 2023 INTERNATIONAL WORKSHOPS, CPS4CIP, PT II, 2024, 14399 : 409 - 425
  • [10] Effective network intrusion detection via representation learning: A Denoising AutoEncoder approach
    Lopes, Ivandro O.
    Zou, Deqing
    Abdulqadder, Ihsan H.
    Ruambo, Francis A.
    Yuan, Bin
    Jin, Hai
    COMPUTER COMMUNICATIONS, 2022, 194 : 55 - 65