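Computer science
Intrusion detection system
Anomaly detection
Data mining
Metric (unit)
False positive rate
Anomaly-based intrusion detection system
Process (computing)
Performance metric
Artificial intelligence
Machine learning
Operations management
Operating system
Economics
Management
Authors
Francisco J. Aparicio-Navarro, K. Kyriakopoulos, Yu Gong, David J. Parish, Jonathon A. Chambers
Source
Journal: IEEE Access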
[Institute of Electrical and Electronics Engineers]
Date: 2017-01-01
Volume/issue: 5: 22177-22193
Citations: 16
Identifier
DOI: 10.1109/access.2017.2762162
Abstract
As the complexity of cyber-attacks keeps increasing, new robust detection mechanisms need to be developed. The next generation of Intrusion Detection Systems (IDSs) should be able to adapt their detection characteristics based not only on the measurable network traffic, but also on the available high-level information related to the protected network. To this end, we make use of the Pattern-of-Life (PoL) of a computer network as the main source of high-level information. We propose two novel approaches that make use of a Fuzzy Cognitive Map (FCM) to incorporate the PoL into the detection process. There are four main aims of the work. First, to evaluate the efficiency of the proposed approaches in identifying the presence of attacks. Second, to identify which of the proposed approaches to integrate an FCM into the IDS framework produces the best results. Third, to identify which of the metrics used in the design of the FCM produces the best detection results. Fourth, to evidence the improved detection performance that contextual information can offer in IDSs. The results that we present verify that the proposed approaches improve the effectiveness of our IDS by reducing the total number of false alarms; providing almost perfect detection rate (i.e., 99.76%) and only 6.33% false positive rate, depending on the particular metric combination.