Frequent episode rules for Internet anomaly detection

Cited by: 0
Authors
Qin, M [1]
Hwang, K [1]
Affiliations
[1] Univ So Calif, Los Angeles, CA 90089 USA
Source
THIRD IEEE INTERNATIONAL SYMPOSIUM ON NETWORK COMPUTING AND APPLICATIONS, PROCEEDINGS | 2004
Keywords
network security; intrusion detection; traffic datamining; anomaly detection; false alarms; grid computing;
DOI
Not available
Chinese Library Classification number
TP301 [Theory, Methods];
Discipline classification code
081202;
Abstract
This paper introduces a new Internet trace technique for generating frequent episode rules to characterize Internet traffic events. These episode rules are used to distinguish anomalous sequences of TCP, UDP, or ICMP connections from normal traffic episodes. Fundamental pruning techniques are introduced to reduce the rule search space by 70%. The new detection scheme was tested over real-life Internet trace data at USC. Our anomaly detection scheme results in a success rate of 47% for DoS, R2L, and port-scanning attacks. These results demonstrate an average of 51% improvement over the use of association rules. We experienced 20 or less false alarms over 200 network attacks in 9 days of tracing experiments. This anomaly detection scheme can be used jointly with signature-based IDS to achieve even higher detection efficiency.
Pages: 161 / 168
Page count: 8
Related papers
50 in total
  • [31] Internet of Things Anomaly Detection using Machine Learning
    Njilla, Laruent
    Pearlstein, Larry
    Wu, Xin-Wen
    Lutz, Adam
    Ezekiel, Soundararajan
    2019 IEEE APPLIED IMAGERY PATTERN RECOGNITION WORKSHOP (AIPR), 2019,
  • [32] Internet anomaly detection based on statistical covariance matrix
    Jin, Shuyuan
    Yeung, Daniel S.
    Wang, Xizhao
    INTERNATIONAL JOURNAL OF PATTERN RECOGNITION AND ARTIFICIAL INTELLIGENCE, 2007, 21 (03) : 591 - 606
  • [33] Federated deep learning for anomaly detection in the internet of things
    Wang, Xiaofeng
    Wang, Yonghong
    Javaheri, Zahra
    Almutairi, Laila
    Moghadamnejad, Navid
    Younes, Osama S.
    COMPUTERS & ELECTRICAL ENGINEERING, 2023, 108
  • [34] Probabilistic Inference of Internet Node Geolocation with Anomaly Detection
    Mukne, Neehar
    Paffenroth, Randy
    2017 IEEE INTERNATIONAL SYMPOSIUM ON TECHNOLOGIES FOR HOMELAND SECURITY (HST), 2017,
  • [35] Soft Voting for Anomaly Detection in Internet of Medical Things
    Salem, Osman
    Mehaoua, Ahmed
    Boutaba, Raouf
    IEEE CONFERENCE ON GLOBAL COMMUNICATIONS, GLOBECOM, 2023, : 498 - 503
  • [36] An HTTP Anomaly Detection Architecture Based on the Internet of Intelligence
    An, Yufei
    He, Ying
    Yu, F. Richard
    Li, Jianqiang
    Chen, Jianyong
    Leung, Victor C. M.
    IEEE TRANSACTIONS ON COGNITIVE COMMUNICATIONS AND NETWORKING, 2022, 8 (03) : 1552 - 1565
  • [37] Internet Anomaly Detection Based on Complex Network Path
    Wang, Jinfa
    Jia, Siyuan
    Zhao, Hai
    Xu, Jiuqiang
    Lin, Chuan
    IEICE TRANSACTIONS ON COMMUNICATIONS, 2018, E101B (12) : 2397 - 2408
  • [38] A Survey on Explainable Anomaly Detection for Industrial Internet of Things
    Huang, Zijie
    Wu, Yulei
    2022 5TH IEEE CONFERENCE ON DEPENDABLE AND SECURE COMPUTING (IEEE DSC 2022), 2022,
  • [39] NEW ADAPTIVE NETWORK ANOMALY DETECTION SYSTEM USING FREQUENT PATTERNS
    Said, Aiman Moyaid
    Dominic, Dhanapal Durai
    Samir, Brahim Belhaouari
    Balfagih, Zain
    4TH INTERNATIONAL CONFERENCE ON SOFTWARE TECHNOLOGY AND ENGINEERING (ICSTE 2012), 2012, : 369 - 374
  • [40] An Improved Anomaly Detection Method Based on Fuzzy Association Rules
    Yang, Zifen
    2010 INTERNATIONAL COLLOQUIUM ON COMPUTING, COMMUNICATION, CONTROL, AND MANAGEMENT (CCCM2010), VOL I, 2010, : 474 - 477