Visualization and Clustering for SNMP Intrusion Detection
نویسندگان
چکیده
Accurate intrusion detection still is an open challenge. Present work aims at being one step towards that purpose by studying the combination of clustering and visualization techniques. To do that, MOVICAB-IDS, previously proposed as a hybrid intelligent Intrusion Detection System (IDS) based on visualization techniques, is upgraded by adding automatic response thanks to clustering methods. To check the validity of the proposed clustering extension, it has been applied to the identification of different anomalous situations related to the SNMP network protocol by using real-life data sets. Different ways of applying neural projection and clustering techniques are studied in present work. Through the experimental validation it is shown that the proposed techniques could be compatible and consequently applied to a continuous network flow for intrusion detection.
منابع مشابه
Clustering extension of MOVICAB-IDS to identify SNMP community searches
There are many security systems to protect information resources, but we are still not free from possible successful attacks. This study aims at being one step towards the proposal of an intrusion detection system (IDS) that faces those attacks not previously seen (zero-day attacks), by studying the combination of clustering and neural visualization techniques. To do that, MObile VIsualization ...
متن کاملA Hybrid Framework for Building an Efficient Incremental Intrusion Detection System
In this paper, a boosting-based incremental hybrid intrusion detection system is introduced. This system combines incremental misuse detection and incremental anomaly detection. We use boosting ensemble of weak classifiers to implement misuse intrusion detection system. It can identify new classes types of intrusions that do not exist in the training dataset for incremental misuse detection. As...
متن کاملImproving Accuracy in Intrusion Detection Systems Using Classifier Ensemble and Clustering
Recently by developing the technology, the number of network-based servicesis increasing, and sensitive information of users is shared through the Internet.Accordingly, large-scale malicious attacks on computer networks could causesevere disruption to network services so cybersecurity turns to a major concern fornetworks. An intrusion detection system (IDS) could be cons...
متن کاملIdentification of Anomalous SNMP Situations Using a Cooperative Connectionist Exploratory Projection Pursuit Model
The work presented in this paper shows the capability of a connectionist model, based on a statistical technique called Exploratory Projection Pursuit (EPP), to identify anomalous situations related to the traffic which travels along a computer network. The main novelty of this research resides on the fact that the connectionist architecture used here has never been applied to the field of IDS ...
متن کاملIntrusion Detection based on a Novel Hybrid Learning Approach
Information security and Intrusion Detection System (IDS) plays a critical role in the Internet. IDS is an essential tool for detecting different kinds of attacks in a network and maintaining data integrity, confidentiality and system availability against possible threats. In this paper, a hybrid approach towards achieving high performance is proposed. In fact, the important goal of this paper ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- Cybernetics and Systems
دوره 44 شماره
صفحات -
تاریخ انتشار 2013