Zwane et al., 2019 - Google Patents
Ensemble learning approach for flow-based intrusion detection system
Zwane et al., 2019
- Document ID
- 17593220464788909078
- Author
- Zwane S
- Tarwireyi P
- Adigun M
- Publication year
- Publication venue
- 2019 IEEE AFRICON
Snippet
Network security remains a critical issue due to ongoing advancements in Information and Communication Technologies (ICT) and the concomitant rise in the number of security threats. Intrusion detection systems have emerged as an essential countermeasure to …
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06K—RECOGNITION OF DATA; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K9/00—Methods or arrangements for reading or recognising printed or written characters or for recognising patterns, e.g. fingerprints
- G06K9/62—Methods or arrangements for recognition using electronic means
- G06K9/6267—Classification techniques
- G06K9/6279—Classification techniques relating to the number of classes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06K—RECOGNITION OF DATA; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K9/00—Methods or arrangements for reading or recognising printed or written characters or for recognising patterns, e.g. fingerprints
- G06K9/62—Methods or arrangements for recognition using electronic means
- G06K9/6217—Design or setup of recognition systems and techniques; Extraction of features in feature space; Clustering techniques; Blind source separation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06N—COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N99/00—Subject matter not provided for in other groups of this subclass
- G06N99/005—Learning machines, i.e. computer in which a programme is changed according to experience gained by the machine itself during a complete run
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/3061—Information retrieval; Database structures therefor; File system structures therefor of unstructured textual data
- G06F17/30705—Clustering or classification
- G06F17/3071—Clustering or classification including class or cluster creation or modification
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06N—COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N5/00—Computer systems utilising knowledge based models
- G06N5/02—Knowledge representation
- G06N5/022—Knowledge engineering, knowledge acquisition
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06K—RECOGNITION OF DATA; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K9/00—Methods or arrangements for reading or recognising printed or written characters or for recognising patterns, e.g. fingerprints
- G06K9/00624—Recognising scenes, i.e. recognition of a whole field of perception; recognising scene-specific objects
- G06K9/00771—Recognising scenes under surveillance, e.g. with Markovian modelling of scene activity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing packet switching networks
- H04L43/02—Arrangements for monitoring or testing packet switching networks involving a reduction of monitoring data
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06Q—DATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
Similar Documents
Publication | Title | Publication Date |
---|---|---|
Lee et al. | Cyber threat detection based on artificial neural networks using event profiles | |
EP3528463B1 (en) | An artificial intelligence cyber security analyst | |
Shahraki et al. | Active learning for network traffic classification: A technical study | |
Aminanto et al. | Threat alert prioritization using isolation forest and stacked auto encoder with day-forward-chaining analysis | |
Boukhtouta et al. | Network malware classification comparison using DPI and flow packet headers | |
Maza et al. | Feature selection algorithms in intrusion detection system: A survey | |
Gogoi et al. | Anomaly detection analysis of intrusion data using supervised & unsupervised approach. | |
Aleroud et al. | Contextual information fusion for intrusion detection: a survey and taxonomy | |
Golmah | An efficient hybrid intrusion detection system based on C5.0 and SVM | |
Zwane et al. | Ensemble learning approach for flow-based intrusion detection system | |
Koshal et al. | Cascading of C4.5 decision tree and support vector machine for rule based intrusion detection system | |
Su et al. | Hierarchical clustering based network traffic data reduction for improving suspicious flow detection | |
Sharon et al. | An intelligent intrusion detection system using hybrid deep learning approaches in cloud environment | |
Al-mamory et al. | On the designing of two grains levels network intrusion detection system | |
Mughaid et al. | Utilizing machine learning algorithms for effectively detection iot ddos attacks | |
Niandong et al. | Detection of probe flow anomalies using information entropy and random forest method | |
Sharma et al. | An overview of flow-based anomaly detection | |
Soewu et al. | Analysis of Data Mining-Based Approach for Intrusion Detection System | |
Teng et al. | A collaborative and adaptive intrusion detection based on SVMs and decision trees | |
Khonde et al. | Hybrid Architecture for Distributed Intrusion Detection System. | |
Liu et al. | A cascade forest approach to application classification of mobile traces | |
Arshad et al. | Comparative study of machine learning techniques for intrusion detection on CICIDS-2017 Dataset | |
Komisarek et al. | A novel, refined dataset for real-time Network Intrusion Detection | |
Nascimento et al. | A hybrid model for network traffic identification based on association rules and self-organizing maps (som) | |
Shamekhi et al. | An intelligent behavioral-based DDOS attack detection method using adaptive time intervals |