 An auto-learning approach for network intrusion detectionAmmar Boulaiche () and
Kamel Adi
Telecommunication Systems: Modelling, Analysis, Design and Management, 2018, vol. 68, issue 2, No 11, 277-294 Abstract: Abstract In this paper, we propose a novel intrusion detection technique with a fully automatic attack signatures generation capability. The proposed approach exploits a honeypot traffic data analysis to build an attack scenarios database, used to detect potential intrusions. Furthermore, for an effective and efficient intrusion detection mechanism, we introduce several new or adapted algorithms for signature generation, signature comparison, etc. Finally, we use DARPA’99 and UNSW-NB15 traffic to evaluate the proposed approach. The results indicate that the generated attack signatures are of high quality with low rates of false negatives and false positives. Keywords: Intrusion detection; Honeypots; Fuzzy hashing; DARPA’99 dataset; UNSW-NB15 dataset (search for similar items in EconPapers) Downloads: (external link) Related works: Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text Persistent link: https://EconPapers.repec.org/RePEc:spr:telsys:v:68:y:2018:i:2:d:10.1007_s11235-017-0395-z Ordering information: This journal article can be ordered from DOI: 10.1007/s11235-017-0395-z Access Statistics for this article Telecommunication Systems: Modelling, Analysis, Design and Management is currently edited by Muhammad Khan More articles in Telecommunication Systems: Modelling, Analysis, Design and Management from Springer |
Is your work missing from RePEc? Here is how to contribute.
Questions or problems? Check the EconPapers FAQ or send mail to .
EconPapers is hosted by the
School of Business at Örebro University.