Evaluating Pattern Recognition Techniques in Intrusion Detection Systems
نویسندگان
چکیده
Pattern recognition is the discipline studying the design and operation of systems capable to recognize patterns with specific properties in data sources. Intrusion detection, on the other hand, is in charge of identifying anomalous activities by analyzing a data source, be it the logs of an operating system or in the network traffic. It is easy to find similarities between such research fields, and it is straightforward to think of a way to combine them. As to the descriptions above, we can imagine an Intrusion Detection System (IDS) using techniques proper of the pattern recognition field in order to discover an attack pattern within the network traffic. What we propose in this work is such a system, which exploits the results of research in the field of data mining, in order to discover potential attacks. The paper also presents some experimental results dealing with performance of our system in a real-world operational scenario.
منابع مشابه
Neural Network Techniques for Improved Intrusion Detection in Communication Systems
In this paper we discuss the main research approaches in the development of automated and systematic methods for intrusion detection. In this critical overview, the key concept underlying the presented intrusion detection systems is that they involve pattern analysis techniques to discover consistent and useful patterns of system features that describe program and user behaviour, and the set of...
متن کاملMoving dispersion method for statistical anomaly detection in intrusion detection systems
A unified method for statistical anomaly detection in intrusion detection systems is theoretically introduced. It is based on estimating a dispersion measure of numerical or symbolic data on successive moving windows in time and finding the times when a relative change of the dispersion measure is significant. Appropriate dispersion measures, relative differences, moving windows, as well as tec...
متن کاملPJST 2 JUNE.pmd
Research in the field of computer and network sciences demands for tools and methodology to test their security effectively. Intrusion Detection System is used to perform the same with a fact that an intruder’s behavior will be noticeably different from that of a legitimate user and would exploit security vulnerabilities. IDS have thousands of alerts per day; some are mistakenly triggered by be...
متن کاملAlert correlation and prediction using data mining and HMM
Intrusion Detection Systems (IDSs) are security tools widely used in computer networks. While they seem to be promising technologies, they pose some serious drawbacks: When utilized in large and high traffic networks, IDSs generate high volumes of low-level alerts which are hardly manageable. Accordingly, there emerged a recent track of security research, focused on alert correlation, which ext...
متن کاملA hybridization of evolutionary fuzzy systems and ant Colony optimization for intrusion detection
A hybrid approach for intrusion detection in computer networks is presented in this paper. The proposed approach combines an evolutionary-based fuzzy system with an Ant Colony Optimization procedure to generate high-quality fuzzy-classification rules. We applied our hybrid learning approach to network security and validated it using the DARPA KDD-Cup99 benchmark data set. The results indicate t...
متن کامل