Autonomic Intrusion Detection System

  • Authors:
  • Wei Wang; Thomas Guyet; Svein J. Knapskog

  • Affiliations:
  • Q2S Centre, Norwegian University of Science and Technology (NTNU); Project DREAM, INRIA Rennes/IRISA, France and AGROCAMPUS OUEST, Rennes, France; Q2S Centre, Norwegian University of Science and Technology (NTNU)

  • Venue:
  • RAID '09 Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection
  • Year:
  • 2009

Abstract

We propose a novel framework for autonomic intrusion detection that performs online and adaptive intrusion detection in unlabeled audit data streams. The framework has the ability to self-manage: self-labeling, self-updating and self-adapting. Affinity Propagation (AP) uses the framework to learn a subject's behavior through dynamic clustering of the streaming data. Test results on a large real HTTP log stream demonstrate the effectiveness and efficiency of the method.