Adaptive Observation-Centric Anomaly-Based Intrusion Detection: Modeling, Analysis and Evaluation
Author
Abstract
Anomaly-based intrusion detection is about discriminating between malicious and legitimate patterns of activity (system or user-driven) in variables characterizing system normality. Due to the nonstationarity and increasing complexity of today's computer systems, perfect normality characterization is always deemed to be an unreachable goal for any anomaly detection model. For the same reason, most existing anomaly detection techniques are based solely on expert knowledge or intuition in a given operating environment, and the cost that has to be paid is to allow limits to exist in terms of expected false alarms. Our research objective is to develop and design effective and efficient models, methods and techniques for anomaly-based intrusion detection in hosts and networks with provision of adaptability, dependability, and scalability.
Similar resources
An Observation-Centric Analysis on the Modeling of Anomaly-based Intrusion Detection
It is generally agreed that two key points always attract special concern during the modelling of anomaly-based intrusion detection. One is the techniques for discerning two classes with different features; the other is the construction/selection of the observed sample of normally occurring patterns for system normality characterization. In this paper, instead of focusing on the design of spec...
Assessment Methodology for Anomaly-Based Intrusion Detection in Cloud Computing
Cloud computing has become an attractive target for attackers as the mainstream technologies in the cloud, such as the virtualization and multitenancy, permit multiple users to utilize the same physical resource, thereby posing the so-called problem of internal facing security. Moreover, the traditional network-based intrusion detection systems (IDSs) are ineffective to be deployed in the cloud...
A Hybrid Framework for Building an Efficient Incremental Intrusion Detection System
In this paper, a boosting-based incremental hybrid intrusion detection system is introduced. This system combines incremental misuse detection and incremental anomaly detection. We use boosting ensemble of weak classifiers to implement misuse intrusion detection system. It can identify new classes types of intrusions that do not exist in the training dataset for incremental misuse detection. As...
Adaptive Anomaly-Based Intrusion Detection System Using Fuzzy Controller
The major work of intrusion detection systems is used to detect the anomaly and new attackers in the networks, even still various false alarms are caused in order to neglect this necessary feature. Existing systems present an anomaly-based intrusion detection system to improve the system performance. Fuzzy rule-based modeling and fuzzy controller are used to create a detection model in the train...
STLR: a novel danger theory based structural TLR algorithm
Artificial Immune Systems (AIS) have long been used in the field of computer security and especially in intrusion detection systems. Intrusion detection based on AISs falls into two main categories. The first generation of AIS is inspired by adaptive immune reactions, but the second one, which is called danger theory, focuses on both adaptive and innate reactions to build a more biologically-re...