Autonomic Intrusion Detection System

Wang, Wei; Guyet, Thomas; Knapskog, Svein J.

doi:10.1007/978-3-642-04342-0_24

Wei Wang¹⁸,
Thomas Guyet^19,20 &
Svein J. Knapskog¹⁸

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 5758))

Included in the following conference series:

International Workshop on Recent Advances in Intrusion Detection

1733 Accesses
2 Citations

Abstract

We propose a novel framework of autonomic intrusion detection that fulfills online and adaptive intrusion detection in unlabeled audit data streams. The framework owns ability of self-managing: self-labeling, self-updating and self-adapting. Affinity Propagation (AP) uses the framework to learn a subject’s behavior through dynamical clustering of the streaming data. The testing results with a large real HTTP log stream demonstrate the effectiveness and efficiency of the method.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Institutional subscriptions

ISM-AC: an immune security model based on alert correlation and software-defined networking

Article 03 May 2021

Network Abnormal Behavior Detection Method Based on Affinity Propagation

A real-time adaptive network intrusion detection for streaming data: a hybrid approach

Article 14 January 2022

References

Wang, W., Masseglia, F., Guyet, T., Quiniou, R., Cordier, M.O.: A general framework for adaptive and online detection of web attacks. In: WWW, pp. 1141–1142 (2009)
Google Scholar
Zhang, X., Furtlehner, C., Sebag, M.: Data streaming with affinity propagation. In: Daelemans, W., Goethals, B., Morik, K. (eds.) ECML / PKDD 2008, Part II. LNCS (LNAI), vol. 5212, pp. 628–643. Springer, Heidelberg (2008)
Chapter Google Scholar

Download references

Author information

Authors and Affiliations

Q2S Centre, Norwegian University of Science and Technology (NTNU), Norway
Wei Wang & Svein J. Knapskog
Project DREAM, INRIA Rennes/IRISA, France
Thomas Guyet
AGROCAMPUS OUEST, Rennes, France
Thomas Guyet

Authors

Wei Wang
View author publications
You can also search for this author in PubMed Google Scholar
Thomas Guyet
View author publications
You can also search for this author in PubMed Google Scholar
Svein J. Knapskog
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Institute Eurecom, 2229 Route des Cretes, 06560, Sophia-Antipolis Cedex, France
Engin Kirda & Davide Balzarotti &
Computer Sciences Department, University of Wisconsin, 53706, Madison, WI, USA
Somesh Jha

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Wang, W., Guyet, T., Knapskog, S.J. (2009). Autonomic Intrusion Detection System. In: Kirda, E., Jha, S., Balzarotti, D. (eds) Recent Advances in Intrusion Detection. RAID 2009. Lecture Notes in Computer Science, vol 5758. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-04342-0_24

Download citation

DOI: https://doi.org/10.1007/978-3-642-04342-0_24
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-04341-3
Online ISBN: 978-3-642-04342-0
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics