An iterative multiple sampling method for intrusion detection

MWITONDI, Kassim and ZARGARI, Shahrzad (2018). An iterative multiple sampling method for intrusion detection. Information Security Journal: A Global Perspective, 27 (4), 230-239.

ksm-and-sha-final.pdf - Accepted Version
Restricted to Repository staff only until 5 November 2019.
All rights reserved.

Official URL: https://www.tandfonline.com/doi/abs/10.1080/193935...
Link to published version: https://doi.org/10.1080/19393555.2018.1539790

Abstract

Threats to network security increase with growing volumes and velocity of data across networks, and they present challenges not only to law enforcement agencies, but also to businesses, families and individuals. The volume, velocity and veracity of shared data across networks call for accurate and reliable automated tools for separating useful data from malicious, noisy or irrelevant data. While data mining and machine learning techniques have been widely adopted within the network security community, challenges and gaps in knowledge extraction from data have remained because there are insufficient data sources on attacks on which to test the algorithms' accuracy and reliability. We propose a data-flow adaptive approach to intrusion detection based on high-dimensional cyber-attack data. The algorithm repeatedly takes random samples from an inherently bi-modal, high-dimensional dataset of 82,332 observations on 25 numeric and two categorical variables. Its main idea is to capture subtle information resulting from the reduced data dimension of a large number of malicious flows, by iteratively estimating the roles played by individual variables in the construction of key components. Data visualization and numerical results provide a clear separation of a set of variables associated with attack types and show that component-dominating parameters are crucial in monitoring future attacks.

Item Type: Article
Additional Information: From Crossref via Jisc Publications Router. Journal IDs: pissn 1939-3555; eissn 1939-3547
Uncontrolled Keywords: Software, Information Systems and Management, Computer Science Applications
Identification Number: https://doi.org/10.1080/19393555.2018.1539790
SWORD Depositor: Margaret Boot
Depositing User: Margaret Boot
Date Deposited: 29 Nov 2018 11:58
Last Modified: 21 Dec 2018 10:33
URI: http://shura.shu.ac.uk/id/eprint/23341
