Autonomic Intrusion Detection System
نویسندگان
چکیده
Abstract. We propose a novel framework of autonomic intrusion detection that fulfills online and adaptive intrusion detection in unlabeled audit data streams. The framework owns ability of self-managing: selflabeling, self-updating and self-adapting. Affinity Propagation (AP) uses the framework to learn a subject’s behavior through dynamical clustering of the streaming data. The testing results with a large real HTTP log stream demonstrate the effectiveness and efficiency of the method.
منابع مشابه
An Autonomic Intrusion Detection Model with Multi-Attribute Auction Mechanism
We present an innovative intrusion detection model based on autonomic computing to extend the passive detection mechanism in a traditional intrusion detection system (IDS). Centered on an autonomic manager, this model introduces a multi-attribute auction mechanism in the agent coordination layer to perceive environmental changes, manage and allocate resources, and achieve an active response to ...
متن کاملMulti-Level Anomaly based Autonomic Intrusion Detection System
The rapid growth and deployment of network technologies and Internet services has made security and management of networks a challenging research problem. This growth is accompanied by an exponential growth in the number of network attacks, which have become more complex, more organized, more dynamic, and more severe than ever. Current network protection techniques are static, slow in respondin...
متن کاملA Hybrid Framework for Building an Efficient Incremental Intrusion Detection System
In this paper, a boosting-based incremental hybrid intrusion detection system is introduced. This system combines incremental misuse detection and incremental anomaly detection. We use boosting ensemble of weak classifiers to implement misuse intrusion detection system. It can identify new classes types of intrusions that do not exist in the training dataset for incremental misuse detection. As...
متن کاملAutonomic Agent-Based Self-Managed Intrusion Detection and Prevention System
Over the last fifteen years the world has experienced a wide variety of computer threats and general computer security problems. As communication advances and information management systems become more and more powerful and distributed, organizations are becoming increasingly vulnerable to potential security threats such as intrusions at all levels of Information Communication Technology (ICT)....
متن کاملA New Intrusion Detection System to deal with Black Hole Attacks in Mobile Ad Hoc Networks
By extending wireless networks and because of their different nature, some attacks appear in these networks which did not exist in wired networks. Security is a serious challenge for actual implementation in wireless networks. Due to lack of the fixed infrastructure and also because of security holes in routing protocols in mobile ad hoc networks, these networks are not protected against attack...
متن کامل