A neural network model for detection systems based on data mining and false errors

Authors:
Se-Yul Lee;Bong-Hwan Lee;Yeong-Deok Kim;Dong-Myung Shin;Chan-Hyun Youn
Affiliations:
Department of Computer Science, Chungwoon University, Chungnam, Korea;Department of Electrical & Computer Engineering, University of Florida, Gainesville, FL;Department of Computer Information Science & Engineering, Woosong University, Daejeon, Korea;Korea Information Security Agency, IT Infrastructure Protection Division Applied Security Technology Team, Seoul, Korea;School of Engineering, ICU, Daejeon, Korea
Venue:
EUC'06 Proceedings of the 2006 international conference on Emerging Directions in Embedded and Ubiquitous Computing
Year:
2006

Citing 9
Cited 0

An Intrusion-Detection Model

IEEE Transactions on Software Engineering - Special issue on computer security and privacy
Towards a taxonomy of intrusion-detection systems

Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on computer network security
A large scale distributed intrusion detection framework based on attack strategy analysis

Computer Networks: The International Journal of Computer and Telecommunications Networking
Improving intrusion detection performance using keyword selection and neural networks

Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on recent advances in intrusion detection systems
Statistical Foundations of Audit Trail Analysis for the Detection of Computer Misuse

IEEE Transactions on Software Engineering
Masquerade Detection Using Truncated Command Lines

DSN '02 Proceedings of the 2002 International Conference on Dependable Systems and Networks
Case-Based Reasoning for Intrusion Detection

ACSAC '96 Proceedings of the 12th Annual Computer Security Applications Conference
A Neural Network Component for an Intrusion Detection System

SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
USTAT: A Real-Time Intrusion Detection System for UNIX

SP '93 Proceedings of the 1993 IEEE Symposium on Security and Privacy

Quantified Score

Hi-index	0.00

Visualization

Abstract

Nowadays, computer network systems play an increasingly important role in our society. They have become the target of a wide array of malicious attacks that can turn into actual intrusions. This is the reason why computer security has become an essential concern for network administrators. Intrusions can wreak havoc on LANs. And the time and cost to repair the damage can grow to extreme proportions. Instead of using passive measures to fix and patch security holes, it is more effective to adopt proactive measures against intrusions. Recently, several IDS have been proposed and they are based on various technologies. However, these techniques, which have been used in many systems, are useful only for detecting the existing patterns of intrusion. It can not detect new patterns of intrusion. Therefore, it is necessary to develop a new technology of IDS that can find new patterns of intrusion. This paper investigates the asymmetric costs of false errors to enhance the detection systems performance. The proposed method utilizes a network model considering the cost ratio of false errors. Compared with false positive, this scheme accomplishes both security and system performance objectives. The results of our empirical experiment show that the network model provides high accuracy in detection. In addition, the simulation results show that effectiveness of probe detection can be enhanced by considering the costs of false errors.