Skip to main content
Springer Nature Link
Log in

Anomaly-Based Network Intrusion Detection Using Outlier Subspace Analysis: A Case Study

  • Conference paper
Advances in Artificial Intelligence (Canadian AI 2011)

Part of the book series: Lecture Notes in Computer Science ((LNAI,volume 6657))

Included in the following conference series:

  • 1686 Accesses

Abstract

This paper employs SPOT (Stream Projected Outlier deTector) as a prototype system for anomaly-based intrusion detection and evaluates its performance against other major methods. SPOT is capable of processing high-dimensional data streams and detecting novel attacks which exhibit abnormal behavior, making it a good candidate for network intrusion detection. This paper demonstrates SPOT is effective to distinguish between normal and abnormal processes in a UNIX System Call dataset.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Aggarwal, C.C., Yu, P.S.: Outlier Detection for High Dimensional Data. In: SIGMOD 2001 (2001)

    Google Scholar 

  2. Forrest, S.A., Hofmeyr, S.A., Somayaji, A., Longstaff, T.A.: A Sense of Self for UNIX Processes. In: Proceedings of the 1996 IEEE Symposium on Security and Privacy, pp. 120–128 (2001)

    Google Scholar 

  3. Forrest, S.A., Warrender, C., Perlmutter, B.: Detecting Intrusions Using System Calls: Alternative Data Models. In: Proceedings of the 1999 IEEE Computer Society Symposium on Research in Security and Privacy, pp. 133–145 (1999)

    Google Scholar 

  4. Garcia-Teodoro, P., Diaz-Verdejo, J., Macia-Fernandez, G., Vazquez, E.: Anomaly-Based Network Intrusion Detection: Techniques, Systems and Challenges. Computers and Security 28, 18–28 (2009)

    Article  Google Scholar 

  5. Symantec Global Internet Security Threat Report: Trends for 2008, Vol. XIV (2008) (published April 2009)

    Google Scholar 

  6. Tan, K., Maxion, R.: Why 6? Defining the Operational Limits of Stide,and Anomaly-Based Intrusion Detectors. In: Proceedings of the 1996 IEEE Symposium on Security and Privacy, pp. 133–145 (2002)

    Google Scholar 

  7. Wenke, J., Salvatore, J.: Framework for Construction Features and Models for Intrusion Detection Systems. In: TISSEC, pp. 227–261 (2000)

    Google Scholar 

  8. Zhang, J.: Towards Outlier Detection for High-Dimensional Data Streams Using Projected Outlier Analysis Strategy. PHD Thesis. Dalhousie University (2008)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Faculty of Computer Science, Dalhousie University, Canada

    David Kershaw & Qigang Gao

  2. Sobey School of Business, St. Mary’s University, USA

    Hai Wang

Authors
  1. David Kershaw
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Qigang Gao
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Hai Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Computer Science, University of Regina, 3737 Wascana Parkway, Regina, S4S 0A2, Saskatchewan, Canada

    Cory Butz

  2. Department of Mathematics and Computing Science, Saint Mary’s University, B3H 3C3, Halifax, Nova Scotia, Canada

    Pawan Lingras

Rights and permissions

Reprints and permissions

Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Kershaw, D., Gao, Q., Wang, H. (2011). Anomaly-Based Network Intrusion Detection Using Outlier Subspace Analysis: A Case Study. In: Butz, C., Lingras, P. (eds) Advances in Artificial Intelligence. Canadian AI 2011. Lecture Notes in Computer Science(), vol 6657. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-21043-3_28

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-21043-3_28

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-21042-6

  • Online ISBN: 978-3-642-21043-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics