An uncertainty-managing batch relevance-based approach to network anomaly detection

Applied Soft Computing Journal

Volumn 36, Issue , 2015, Pages 408-418

  D'Angelo, Gianni ^a   Palmieri, Francesco ^b   Ficco, Massimo ^c   Rampone, Salvatore ^a  

^a UNIVERSITY OF SANNIO   (Italy)

^b UNIVERSITY OF SALERNO   (Italy)

^c SECOND UNIVERSITY OF NAPLES   (Italy)

Author keywords

Fuzzy based techniques; Inductive inference; Machine learning; Network anomaly detection; Supervised classification

Indexed keywords

ARTIFICIAL INTELLIGENCE; BRAIN; INFERENCE ENGINES; LEARNING SYSTEMS; SUPERVISED LEARNING;

EVALUATION EXPERIMENTS; FUZZY-BASED TECHNIQUES; IDENTIFICATION ACCURACY; INDUCTIVE INFERENCE; NETWORK ANOMALY DETECTION; NONPARAMETRIC DETECTION; SUPERVISED CLASSIFICATION; SUPERVISED MACHINE LEARNING;

LEARNING ALGORITHMS;

EID: 84939142748     PISSN: 15684946     EISSN: None     Source Type: Journal    
DOI: 10.1016/j.asoc.2015.07.029     Document Type: Article

References (51)

1. J.P. Anderson Computer Security Threat Monitoring and Surveillance, Tech. Rep. 1980 Computer Security Division of the Information Technology Laboratory, National Institute of Standards and Technology
2. V. Chandola, A. Banerjee, and V. Kumar Anomaly detection: a survey ACM Comput. Surv. 41 3 2009 15:1-15:58
3. P. Garcia-Teodoro, J. Diaz-Verdejo, G. Macia-Fernandez, and E. Vazquez Anomaly-based network intrusion detection: techniques, systems and challenges Comput. Secur. 28 1-2 2009 18 28
4. A. Patcha, and J.-M. Park An overview of anomaly detection techniques: existing solutions and latest technological trends Comput. Netw. 51 12 2007 3448 3470
5. M. Roesch, and et al. Snort: lightweight intrusion detection for networks Proceedings of the 13th USENIX Conference on System Administration, vol. 99 1999 229 238
6. V. Paxson Bro: a system for detecting network intruders in real-time Comput. Netw. 31 23 1999 2435 2463
7. D. Anderson, T.F. Lunt, H. Javitz, A. Tamaru, A. Valdes, and et al. Detecting unusual program behavior using the statistical component of the Next-generation Intrusion Detection Expert System (NIDES) SRI International, Computer Science Laboratory, USA SRI-CSL-95-06 1995
8. S. Staniford, J.A. Hoagland, and J.M. McAlerney Practical automated detection of stealthy portscans J. Comput. Secur. 10 1 2002 105 136
9. T. Lane, and C.E. Brodley An application of machine learning to anomaly detection Proceedings of the 20th National Information Systems Security Conference, vol. 377 Baltimore, USA 1997 366 380
10. A.K. Ghosh, and A. Schwartzbard A study in using neural networks for anomaly and misuse detection USENIX Security 1999
11. V.N. Dao, and V. Vemuri A performance comparison of different back propagation neural networks methods in computer network intrusion detection Differ. Equ. Dyn. Syst. 10 1-2 2002 201 214
12. S. Mukkamala, G. Janoski, and A. Sung Intrusion detection using neural networks and support vector machines Neural Networks, 2002. IJCNN'02. Proceedings of the 2002 International Joint Conference on, vol. 2 IEEE 2002 1702 1707
13. W. Lee, S.J. Stolfo, and K.W. Mok Mining in a data-flow environment: experience in network intrusion detection Proceedings of the fifth ACM SIGKDD International Conference on Knowledge Discovery and Data Mining 1999 ACM 114 124
14. W. Lee, S.J. Stolfo, and K.W. Mok A data mining framework for building intrusion detection models Security and Privacy, 1999, Proceedings of the 1999 IEEE Symposium on IEEE 1999 120 132
15. C. Warrender, S. Forrest, and B. Pearlmutter Detecting intrusions using system calls: alternative data models Security and Privacy, 1999, Proceedings of the 1999 IEEE Symposium on IEEE 1999 133 145
16. P.K. Chan, M.V. Mahoney, and M.H. Arshad Learning rules and clusters for anomaly detection in network traffic Managing Cyber Threats 2005 Springer 81 99
17. N. Duffield, P. Haffner, B. Krishnamurthy, and H. Ringberg Rule-based anomaly detection on IP flows INFOCOM 2009, IEEE IEEE 2009 424 432
18. K. Burbeck, and S. Nadjm-Tehrani ADWICE-anomaly detection with real-time incremental clustering Information Security and Cryptology-ICISC 2004 2005 Springer 407 424
19. S.R. Gaddam, V.V. Phoha, and K.S. Balagani K-means+ id3: a novel method for supervised anomaly detection by cascading k-means clustering and id3 decision tree learning methods IEEE Trans. Knowl. Data Eng. 19 3 2007 345 354
20. L. Khan, M. Awad, and B. Thuraisingham A new intrusion detection system using support vector machines and hierarchical clustering VLDB J.-Int. J. Very Large Data Bases 16 4 2007 507 521
21. F. Palmieri, and U. Fiore Network anomaly detection through nonlinear analysis Comput. Secur. 29 7 2010 737 755
22. D. peng Chen, and X. song Zhang Internet anomaly detection with weighted fuzzy matching over frequent episode rules Apperceiving Computing and Intelligence Analysis, 2008. ICACIA 2008. International Conference on 2008 299 302 10.1109/ICACIA.2008.4770028
23. J.E. Dickerson, and J.A. Dickerson Fuzzy network profiling for intrusion detection Fuzzy Information Processing Society, 2000. NAFIPS. 19th International Conference of the North American IEEE 2000 301 306
24. E. Mendelson Introduction to Mathematical Logic 1997 CRC Press
25. S. Rampone, and C. Russo A fuzzified BRAIN algorithm for learning DNF from incomplete data Electron. J. Appl. Stat. Anal. (EJASA) 5 2 2012 256 270
26. S. Rampone Recognition of splice junctions on DNA sequences by BRAIN learning algorithm Bioinformatics 14 8 1998 676 684
27. R.S. Michalski A theory and Methodology of Inductive Learning 1983 Springer
28. T.M. Mitchell Generalization as search Artif. Intell. 18 2 1982 203 226
29. D. Haussler Quantifying inductive bias: AI learning algorithms and Valiant's learning framework Artif. Intell. 36 2 1988 177 221
30. G. D'Angelo, and S. Rampone Towards a HPC-oriented parallel implementation of a learning algorithm for bioinformatics applications BMC Bioinform. 15 5 2014 1 15
31. J.S. Vitter External memory algorithms and data structures: dealing with massive data ACM Comput. Surv. (CsUR) 33 2 2001 209 271
32. F. Darema The SPMD model: past, present and future Recent Advances in Parallel Virtual Machine and Message Passing Interface 2001 Springer pp. 1-1
33. G. D'Angelo, and S. Rampone Diagnosis of aerospace structure defects by a HPC implemented soft computing algorithm Proceedings of the IEEE International Workshop on Metrology for Aerospace Benevento, Italy 2014 408 412
34. S.T. Brugger, and J. Chow An assessment of the DARPA IDS Evaluation Dataset Using Snort, Tech. Rep. 2007 University of California, Davis, Department of Computer Science
35. DARPA, KDD Cup 1999 Data set, available at the following website http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html.
36. M. Tavallaee, E. Bagheri, W. Lu, and A.-A. Ghorbani A detailed analysis of the KDD CUP 99 data set Proceedings of the Second IEEE Symposium on Computational Intelligence for Security and Defence Applications 2009 2009
37. M. Tavallaee, NSL-KDD dataset, http://www.iscx.ca/NSL-KDD.
38. J. McHugh Testing intrusion detection systems: a critique of the 1998 and 1999 DARPA intrusion detection system evaluations as performed by Lincoln Laboratory ACM Trans. Inf. Syst. Secur. 3 4 2000 262 294
39. R.O. Duda, P.E. Hart, and D.G. Stork Pattern Classification 1999 John Wiley and Sons
40. D.M. Powers Evaluation: from precision, recall and F-measure to ROC, informedness, markedness and correlation J. Mach. Learn. Technol. 2 1 2011 37 63
41. G.H. John Robust linear discriminant trees Learning from Data 1996 Springer 375 385
42. R. Quinlan C4.5. Programs for Machine Learning 1993 Morgan Kaufmann Publishers San Mateo, CA
43. M. Augusteijn, and B. Folkert Neural network classification and novelty detection Int. J. Remote Sens. 23 14 2002 2891 2902
44. I. Steinwart, D.R. Hush, and C. Scovel A classification framework for anomaly detection J. Mach. Learn. Res. 2005 211 232
45. C.-C. Chang, and C.-J. Lin LIBSVM: a library for support vector machines ACM Trans. Intell. Syst. Technol. (TIST) 2 3 2011 27
46. G.H. John, and P. Langley Estimating continuous distributions in Bayesian classifiers Eleventh Conference on Uncertainty in Artificial Intelligence 1995 Morgan Kaufmann San Mateo 338 345
47. E. Eskin, A. Arnold, M. Prerau, L. Portnoy, and S. Stolfo A geometric framework for unsupervised anomaly detection Applications of Data Mining in Computer Security 2002 Springer 77 101
48. J. Oldmeadow, S. Ravinutala, and C. Leckie Adaptive clustering for network intrusion detection Advances in Knowledge Discovery and Data Mining 2004 Springer 255 259
49. K. Leung, and C. Leckie Unsupervised anomaly detection in network intrusion detection using clusters Proceedings of the Twenty-eighth Australasian conference on Computer Science, vol. 38 2005 Australian Computer Society, Inc. 333 342
50. C.-F. Tsai, and C.-C. Yen Unsupervised anomaly detection using HDG-clustering algorithm Neural Information Processing 2008 Springer 356 365
51. M. Mohammadi, A. Akbari, B. Raahemi, B. Nassersharif, and H. Asgharian A fast anomaly detection system using probabilistic artificial immune algorithm capable of learning new attacks Evol. Intell. 6 3 2014 135 156