Detecting network intrusions using signal processing with query-based sampling filter

Authors:
Liang-Bin Lai;Ray-I Chang;Jen-Shiang Kouh
Affiliations:
Department of Engineering Science and Ocean Engineering, National Taiwan University, Taipei, Taiwan;Department of Engineering Science and Ocean Engineering, National Taiwan University, Taipei, Taiwan;Department of Engineering Science and Ocean Engineering, National Taiwan University, Taipei, Taiwan
Venue:
EURASIP Journal on Advances in Signal Processing - Special issue on signal processing applications in network intrusion detection systems
Year:
2009

Citing 15
Cited 0

A theory of the learnable

Communications of the ACM
Quantization noise analysis and error feedback implementation in frequency sampling FIR filters

Signal Processing
Incremental Learning With Sample Queries

IEEE Transactions on Pattern Analysis and Machine Intelligence
A framework for constructing features and models for intrusion detection systems

ACM Transactions on Information and System Security (TISSEC)
Practical automated detection of stealthy portscans

Journal of Computer Security
The Effects of Training Set Size on Decision Tree Complexity

ICML '97 Proceedings of the Fourteenth International Conference on Machine Learning
A Sense of Self for Unix Processes

SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
Intrusion detection using hierarchical neural networks

Pattern Recognition Letters
Data Mining: Practical Machine Learning Tools and Techniques, Second Edition (Morgan Kaufmann Series in Data Management Systems)

Data Mining: Practical Machine Learning Tools and Techniques, Second Edition (Morgan Kaufmann Series in Data Management Systems)
Learning program behavior profiles for intrusion detection

ID'99 Proceedings of the 1st conference on Workshop on Intrusion Detection and Network Monitoring - Volume 1
Mining data by query-based error-propagation

ICNC'05 Proceedings of the First international conference on Advances in Natural Computation - Volume Part I
Disease diagnosis using query-based neural networks

ISNN'05 Proceedings of the Second international conference on Advances in Neural Networks - Volume Part III
Anomaly detection in IP networks

IEEE Transactions on Signal Processing
Unsupervised query-based learning of neural networks using selective-attention and self-regulation

IEEE Transactions on Neural Networks
Query-based learning for aerospace applications

IEEE Transactions on Neural Networks

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper presents a novel approach for training a network intrusion detection system based on a query-based sampling (QBS) filter. The proposed QBS filter applies the concepts of data quantization to signal processing in order to develop a novel classification system. Through interaction with a partially trained classifier, the QBS filter can use an oracle to produce high-quality training data. We tested the method with a benchmark intrusion dataset to verify its performance and effectiveness. Results show that selecting qualified training data will have an impact not only on the performance but also on overall execution (to reduce distortion). This method can significantly increase the accuracy of the detection rate for suspicious activity and can recognize rare attacks. Additionally, the method can improve the efficiency of real-time intrusion detection models.