2005 | OriginalPaper | Buchkapitel
Improvement of Detection Ability According to Optimum Selection of Measures Based on Statistical Approach
verfasst von : Gil-Jong Mun, Yong-Min Kim, DongKook Kim, Bong-Nam Noh
Erschienen in: Information Security and Cryptology
Verlag: Springer Berlin Heidelberg
Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.
Wählen Sie Textabschnitte aus um mit Künstlicher Intelligenz passenden Patente zu finden. powered by
Markieren Sie Textabschnitte, um KI-gestützt weitere passende Inhalte zu finden. powered by
A selection of useful measures and a generation of rules for detecting attacks from network data are very difficult. Expert’s experiences are commonly required to generate the detection rules. If the rules are generated automatically, we will reduce man-power, management expense, and complexity of intrusion detection systems. In this paper, we propose two methods for generating the detection rules. One method is the statistical method based on relative entropy that uses for selecting the useful measures for generating the accurate rules. The other is decision tree algorithm based on entropy theory that generates the detection rules automatically. Also we propose a method of converting the continuous measures into categorical measures because continuous measures are hard to analyze. As the result, the detection rules for attacks are automatically generated without expert’s experiences. Also, we selected the useful measures by the proposed method.