A Method of Data Preprocessing for Network Security Situational Awareness Based on Conditional Random Fields
نویسندگان
چکیده
Network Security Situational Awareness(NSSA) has been a hot research in the network security domain. Because of the large amount of Intrusion Detection System (IDS), We propose a new method of data preprocessing for NSSA based on conditional random fields(CRFs). It takes advantages of the CRFs models which can stitch to sequence data marking and add random attributes to deal with the amount of data from IDS, and provide the data for NSSA. It uses KDD Cup 1999 data sets as experimental data and comes to a conclusion that our proposed method is practicable, reliable and efficient. Keywordsnetwork security; situational awareness;conditional Random Fields
منابع مشابه
NetSecRadar: A Visualization System for Network Security Situational Awareness
Situational awareness is defined as the ability to effectively determine an overall computer network status based on relationships between security events in multiple dimensions. Unfortunately, as the lack of tools to synthetically analyze the security logs generated by kinds of network security products, such as NetFlow, Firewall and Host Security, it is difficult to monitor and perceive netwo...
متن کاملConditional Random Fields for Airborne Lidar Point Cloud Classification in Urban Area
Over the past decades, urban growth has been known as a worldwide phenomenon that includes widening process and expanding pattern. While the cities are changing rapidly, their quantitative analysis as well as decision making in urban planning can benefit from two-dimensional (2D) and three-dimensional (3D) digital models. The recent developments in imaging and non-imaging sensor technologies, s...
متن کاملIntrusion Detection Using Conditional Random Fields
Intrusion detection systems have become a key component in ensuring the safety of systems and networks. This paper introduces the probabilistic approach called Conditional Random Fields (CRF) for detecting network based intrusions. In this paper, we have shown results for the issue of accuracy using CRFs. It is demonstrated that high attack detection accuracy can be achieved by using Conditiona...
متن کاملBehavioral Analysis of Traffic Flow for an Effective Network Traffic Identification
Fast and accurate network traffic identification is becoming essential for network management, high quality of service control and early detection of network traffic abnormalities. Techniques based on statistical features of packet flows have recently become popular for network classification due to the limitations of traditional port and payload based methods. In this paper, we propose a metho...
متن کاملImprovement and parallelization of Snort network intrusion detection mechanism using graphics processing unit
Nowadays, Network Intrusion Detection Systems (NIDS) are widely used to provide full security on computer networks. IDS are categorized into two primary types, including signature-based systems and anomaly-based systems. The former is more commonly used than the latter due to its lower error rate. The core of a signature-based IDS is the pattern matching. This process is inherently a computatio...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2012