Park et al., 2018 - Google Patents
Classification of attack types for intrusion detection systems using a machine learning algorithm
- Document ID
- 9265272300928526116
- Author
- Park K
- Song Y
- Cheong Y
- Publication year
- Publication venue
- 2018 IEEE fourth international conference on big data computing service and applications (BigDataService)
Snippet
In this paper, we present the results of our experiments to evaluate the performance of detecting different types of attacks (e.g., IDS, Malware, and Shellcode). We analyze the recognition performance by applying the Random Forest algorithm to the various datasets …
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for programme control, e.g. control unit
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/02—Details
- H04L12/26—Monitoring arrangements; Testing arrangements
- H04L12/2602—Monitoring arrangements
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Park et al. | | Classification of attack types for intrusion detection systems using a machine learning algorithm |
Aljawarneh et al. | | Anomaly-based intrusion detection system through feature selection analysis and building hybrid efficient model |
Janarthanan et al. | | Feature selection in UNSW-NB15 and KDDCUP'99 datasets |
Kayacik et al. | | Selecting features for intrusion detection: A feature relevance analysis on KDD 99 intrusion detection datasets |
Sahu et al. | | Network intrusion detection system using J48 Decision Tree |
Tavallaee et al. | | A detailed analysis of the KDD CUP 99 data set |
Hoque et al. | | An implementation of intrusion detection system using genetic algorithm |
CN109644184B (en) | | Clustering method for detecting DDOS botnet on cloud from IPFIX data |
US11700269B2 (en) | | Analyzing user behavior patterns to detect compromised nodes in an enterprise network |
Krishnaveni et al. | | Ensemble approach for network threat detection and classification on cloud computing |
Zhang et al. | | Distributed intrusion detection based on clustering |
Balkanli et al. | | Feature selection for robust backscatter DDoS detection |
Zhang et al. | | Proword: An unsupervised approach to protocol feature word extraction |
Pattawaro et al. | | Anomaly-based network intrusion detection system through feature selection and hybrid machine learning technique |
US10419449B1 (en) | | Aggregating network sessions into meta-sessions for ranking and classification |
Wang et al. | | A Log‐Based Anomaly Detection Method with Efficient Neighbor Searching and Automatic K Neighbor Selection |
CN111835781A (en) | | Method and system for discovering host of homologous attack based on lost host |
Baek et al. | | Clustering-based label estimation for network anomaly detection |
Kumar et al. | | Nature-inspired intrusion detection system for protecting software-defined networks controller |
Brandao et al. | | Log Files Analysis for Network Intrusion Detection |
Elekar | | Combination of data mining techniques for intrusion detection system |
Meng et al. | | Design of cloud-based parallel exclusive signature matching model in intrusion detection |
Guntupalli et al. | | Enhancing the Security by Analyzing the Behaviour of Multiple Classification Algorithms with Dimensionality Reduction to Obtain Better Accuracy |
Nalavade et al. | | Evaluation of k-means clustering for effective intrusion detection and prevention in massive network traffic data |
Patil et al. | | A comparative performance evaluation of machine learning-based NIDS on benchmark datasets |