
2018 | Original Paper | Book chapter

2. A Survey and Taxonomy of Classifiers of Intrusion Detection Systems

Authors: Tarfa Hamed, Jason B. Ernst, Stefan C. Kremer

Published in: Computer and Network Security Essentials

Publisher: Springer International Publishing


Abstract

This chapter presents a new review and taxonomy of the classifiers that have been used in intrusion detection systems over the last two decades. Its main objective is to give the reader the knowledge required to build an effective classifier for IDS problems, by reviewing this phase component by component rather than paper by paper. We start with the features extracted by the pre-processing phase. These features are supplied to the pattern analyzer, so the different types of analyzers are presented next. We also discuss the knowledge representation produced by these pattern analyzers. In addition, the decision-making component of the IDS, which we call here the detection phase, is presented in detail together with the algorithms most commonly used in IDSs. The chapter explores the classifier decision types and the possible threats with their subclasses. It also discusses the open issues currently faced by pattern analyzers operating in adversarial environments such as intrusion detection systems, and some contributions in this field. The components discussed in this chapter represent the core of the framework of any IDS.


Metadata
Title
A Survey and Taxonomy of Classifiers of Intrusion Detection Systems
Authors
Tarfa Hamed
Jason B. Ernst
Stefan C. Kremer
Copyright year
2018
DOI
https://doi.org/10.1007/978-3-319-58424-9_2
