Advanced probabilistic approach for network intrusion forecasting and detection
| DC Field | Value | Language |
|---|---|---|
| dc.contributor.author | Shin, Seongjun | ko |
| dc.contributor.author | Lee, Seungmin | ko |
| dc.contributor.author | Kim, Hyunwoo | ko |
| dc.contributor.author | Kim, Sehun | ko |
| dc.date.accessioned | 2013-03-12T13:36:17Z | - |
| dc.date.available | 2013-03-12T13:36:17Z | - |
| dc.date.created | 2012-11-20 | - |
| dc.date.created | 2012-11-20 | - |
| dc.date.created | 2012-11-20 | - |
| dc.date.issued | 2013-01 | - |
| dc.identifier.citation | EXPERT SYSTEMS WITH APPLICATIONS, v.40, no.1, pp.315 - 322 | - |
| dc.identifier.issn | 0957-4174 | - |
| dc.identifier.uri | http://hdl.handle.net/10203/102480 | - |
| dc.description.abstract | Recently, as damage caused by Internet threats has increased significantly, one of the major challenges is to accurately predict the period and severity of threats. In this study, a novel probabilistic approach is proposed effectively to forecast and detect network intrusions. It uses a Markov chain for probabilistic modeling of abnormal events in network systems. First, to define the network states, we perform K-means clustering, and then we introduce the concept of an outlier factor. Based on the defined states, the degree of abnormality of the incoming data is stochastically measured in real-time. The performance of the proposed approach is evaluated through experiments using the well-known DARPA 2000 data set and further analyzes. The proposed approach achieves high detection performance while representing the level of attacks in stages. In particular, our approach is shown to be very robust to training data sets and the number of states in the Markov model. (C) 2012 Elsevier Ltd. All rights reserved. | - |
| dc.language | English | - |
| dc.publisher | PERGAMON-ELSEVIER SCIENCE LTD | - |
| dc.subject | ANOMALY DETECTION | - |
| dc.title | Advanced probabilistic approach for network intrusion forecasting and detection | - |
| dc.type | Article | - |
| dc.identifier.wosid | 000309378200030 | - |
| dc.identifier.scopusid | 2-s2.0-84866102744 | - |
| dc.type.rims | ART | - |
| dc.citation.volume | 40 | - |
| dc.citation.issue | 1 | - |
| dc.citation.beginningpage | 315 | - |
| dc.citation.endingpage | 322 | - |
| dc.citation.publicationname | EXPERT SYSTEMS WITH APPLICATIONS | - |
| dc.identifier.doi | 10.1016/j.eswa.2012.07.057 | - |
| dc.contributor.localauthor | Kim, Sehun | - |
| dc.contributor.nonIdAuthor | Shin, Seongjun | - |
| dc.contributor.nonIdAuthor | Lee, Seungmin | - |
| dc.contributor.nonIdAuthor | Kim, Hyunwoo | - |
| dc.type.journalArticle | Article | - |
| dc.subject.keywordAuthor | Intrusion forecasting | - |
| dc.subject.keywordAuthor | Markov chain | - |
| dc.subject.keywordAuthor | Anomaly detection | - |
| dc.subject.keywordAuthor | DDoS detection | - |
| dc.subject.keywordAuthor | Intrusion forecasting | - |
| dc.subject.keywordAuthor | Markov chain | - |
| dc.subject.keywordAuthor | Anomaly detection | - |
| dc.subject.keywordAuthor | DDoS detection | - |
| dc.subject.keywordPlus | ANOMALY DETECTION | - |
| dc.subject.keywordPlus | ANOMALY DETECTION | - |
- Appears in Collection
- IE-Journal Papers(저널논문)
- Files in This Item
- There are no files associated with this item.
This item is cited by other documents in WoS
| ⊙ Detail Information in WoSⓡ | Click to see |  |
| ⊙ Cited 42 items in WoS | Click to see citing articles in |  |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.