Abstract:
Detecting anomaly behavior in large network traffic data has presented a great challenge in designing effective intrusion detection systems. We propose an adaptive model ...Show MoreMetadata
Abstract:
Detecting anomaly behavior in large network traffic data has presented a great challenge in designing effective intrusion detection systems. We propose an adaptive model to learn majority patterns under a dynamic changing environment. We first propose unsupervised learning on data abstraction to extract essential features of samples. We then adopt incremental majority learning with iterative evolutions on fitting envelopes to characterize the majority of samples within moving windows. A network traffic sample is considered an anomaly if its abstract feature falls on the outside of the fitting envelope. We justify the effectiveness of the presented approach against 150000+ traffic samples from the NSL-KDD dataset in training and testing, demonstrating positive promise in detecting network attacks by identifying samples that have abnormal features.
Date of Conference: 12-17 July 2015
Date Added to IEEE Xplore: 01 October 2015
ISBN Information: