
Online Internet Intrusion Detection Based on Flow Statistical Characteristics

  • Conference paper
Knowledge Science, Engineering and Management (KSEM 2011)

Part of the book series: Lecture Notes in Computer Science (LNAI, volume 7091)

Abstract

Intrusion detection is one of the most essential components of security infrastructure in network environments, and it is widely used for detecting, identifying and tracking intruders. Traditionally, attacks are found by inspecting the contents of every packet. An alternative approach is to detect network applications based on flow statistical characteristics using machine learning. In this paper we propose online Internet intrusion detection based on flow statistical characteristics. Experimental results show that this method achieves high detection accuracy using the Seeded-Kmeans clustering algorithm. Notably, the statistics of the first 12 packets can be used to detect online flows with high accuracy.



Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Gu, C., Zhang, S., Lu, H. (2011). Online Internet Intrusion Detection Based on Flow Statistical Characteristics. In: Xiong, H., Lee, W.B. (eds) Knowledge Science, Engineering and Management. KSEM 2011. Lecture Notes in Computer Science, vol 7091. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-25975-3_15


  • DOI: https://doi.org/10.1007/978-3-642-25975-3_15

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-25974-6

  • Online ISBN: 978-3-642-25975-3

  • eBook Packages: Computer Science (R0)
