IEEE Transactions on Software Engineering - Special issue on computer security and privacy
Using Text Categorization Techniques for Intrusion Detection
Proceedings of the 11th USENIX Security Symposium
Information-Theoretic Measures for Anomaly Detection
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Pattern Classification (2nd Edition)
Pattern Classification (2nd Edition)
Network intrusion detection and classification with decision tree and rule based approaches
ISCIT'09 Proceedings of the 9th international conference on Communications and information technologies
| Hi-index | 0.00 |
It is very difficult to select useful measures and to generate patterns detecting attacks from network. Patterns to detect intrusions are usually generated by expert’s experiences that need a lot of man-power, management expense and time. This paper proposes the statistical methods for detecting attacks without expert’s experiences. The methods are to select the detection measures from features of network connections and to detect attacks. We extracted normal and each attack data from network connections, and selected the measures for detecting attacks by relative entropy. Also we made probability patterns and detected attacks by likelihood ratio. The detection rates and the false positive rates were controlled by the different threshold in the method. We used KDD CUP 99 dataset to evaluate the performance of the proposed methods.