Abstract
Intrusion detection is an essential component of network security infrastructure and is widely used to detect, identify and track intruders. The traditional approach to finding attacks is to inspect the contents of every packet. An alternative is to detect network applications from the statistical characteristics of their flows using machine learning. In this paper we propose online Internet intrusion detection based on flow statistical characteristics. Experimental results show that the method achieves high detection accuracy with the Seeded-Kmeans clustering algorithm. Notably, statistics from the first 12 packets of a flow are enough to detect it online with high accuracy.
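A minimal sketch of the approach the abstract describes, added here as an illustration and not taken from the paper: per-flow statistics over the first 12 packets, clustered with Seeded-KMeans, then used to label a live flow. The three features, the constructed sample flows, the labels and all function names are assumptions, since the abstract does not list the paper's feature set.

```python
# Added illustration: features, sample flows and labels are constructed assumptions.
from math import dist
from statistics import mean, pstdev
N_PACKETS = 12  # the abstract reports high accuracy from the first 12 packets

def flow_features(packets, n=N_PACKETS):
    """packets: [(timestamp_s, size_bytes), ...]; only the first n are used."""
    head = packets[:n]
    sizes = [size for _, size in head]
    gaps = [b[0] - a[0] for a, b in zip(head, head[1:])] or [0.0]
    return (mean(sizes), pstdev(sizes), mean(gaps))

def fit_scaler(rows):  # per-feature mean and std, so no feature dominates the distance
    cols = list(zip(*rows))
    return [mean(c) for c in cols], [pstdev(c) or 1.0 for c in cols]
def scale(row, mu, sd):
    return tuple((v - m) / s for v, m, s in zip(row, mu, sd))
def centroid(points):
    return tuple(mean(c) for c in zip(*points))

def seeded_kmeans(points, seeds, iters=50):
    """seeds: point index -> label; seeds only initialise centroids, then may move."""
    labels = sorted(set(seeds.values()))
    cents = {l: centroid([points[i] for i, s in seeds.items() if s == l]) for l in labels}
    assign = []
    for _ in range(iters):
        new = [min(labels, key=lambda l: dist(p, cents[l])) for p in points]
        if new == assign:  # converged: no point changed cluster
            break
        assign = new
        for l in labels:
            members = [p for p, a in zip(points, assign) if a == l]
            if members:
                cents[l] = centroid(members)
    return assign, cents

def classify(packets, cents, mu, sd):
    """Online step: label a live flow once its first N_PACKETS packets are seen."""
    x = scale(flow_features(packets), mu, sd)
    return min(cents, key=lambda l: dist(x, cents[l]))

def make_flow(base, step, gap, count=20):  # constructed sample traffic
    return [(i * gap, base + (i % 4) * step) for i in range(count)]

# Constructed data: five flows with large, varied packets, then five with tiny, rapid ones.
FLOWS = [make_flow(400 + 20 * k, 300, 0.05 + 0.01 * k) for k in range(5)] + \
        [make_flow(60 + 2 * k, 2, 0.001 + 0.0002 * k) for k in range(5)]
MU, SD = fit_scaler([flow_features(f) for f in FLOWS])
POINTS = [scale(flow_features(f), MU, SD) for f in FLOWS]
ASSIGN, CENTS = seeded_kmeans(POINTS, {0: "normal", 5: "attack"})  # one labelled seed each
```

Only two of the ten flows carry labels; the remaining eight are assigned by distance to the seeded centroids, and `classify` never looks past packet 12 of a flow.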
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Gu, C., Zhang, S., Lu, H. (2011). Online Internet Intrusion Detection Based on Flow Statistical Characteristics. In: Xiong, H., Lee, W.B. (eds) Knowledge Science, Engineering and Management. KSEM 2011. Lecture Notes in Computer Science, vol 7091. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-25975-3_15
DOI: https://doi.org/10.1007/978-3-642-25975-3_15
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-25974-6
Online ISBN: 978-3-642-25975-3
eBook Packages: Computer Science, Computer Science (R0)