Go With the Flow: Clustering Dynamically-Defined NetFlow Features for Network Intrusion Detection with DynIDS | IEEE Conference Publication | IEEE Xplore

Abstract:

The paper presents DynIDS, a network intrusion detection approach that flags malicious activity without previous knowledge about attacks or training data. DynIDS dynamically defines and extracts features from network data, and uses clustering algorithms to aggregate hosts with similar behavior. All previous clustering-based network intrusion detection approaches use a static set of features, restricting their ability to detect certain attacks. Instead, we use a set of features defined dynamically, at runtime, avoiding that restriction without falling into the curse of dimensionality, something that we believe is essential for the adoption of this kind of approach. We evaluated DynIDS experimentally with an evaluation and a real-world dataset, obtaining a better F-Score than alternative solutions.
Date of Conference: 24-27 November 2020
Date Added to IEEE Xplore: 05 January 2021
Conference Location: Cambridge, MA, USA
