Online Internet Intrusion Detection Based on Flow Statistical Characteristics

  • Conference paper

Part of the Lecture Notes in Computer Science book series (LNAI, volume 7091)

Abstract

Intrusion detection is one of the most essential parts of the security infrastructure in network environments, and it is widely used for detecting, identifying and tracking intruders. Traditionally, the approach taken to find attacks is to inspect the contents of every packet. An alternative approach is to detect network applications based on flow statistical characteristics using machine learning. In this paper we propose online Internet intrusion detection based on flow statistical characteristics. Experimental results show that this method achieves high detection accuracy using the Seeded-Kmeans clustering algorithm. Notably, the statistics of the first 12 packets are enough to detect an online flow with high accuracy.

Keywords

  • intrusion detection
  • seeded-kmeans
  • online
  • flow statistical characteristics

Chapter length: 11 pages



Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Gu, C., Zhang, S., Lu, H. (2011). Online Internet Intrusion Detection Based on Flow Statistical Characteristics. In: Xiong, H., Lee, W.B. (eds) Knowledge Science, Engineering and Management. KSEM 2011. Lecture Notes in Computer Science, vol 7091. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-25975-3_15

  • DOI: https://doi.org/10.1007/978-3-642-25975-3_15

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-25974-6

  • Online ISBN: 978-3-642-25975-3

  • eBook Packages: Computer Science, Computer Science (R0)