Skip to main content
SpringerLink
Log in

A Data-Driven Approach for Network Intrusion Detection and Monitoring Based on Kernel Null Space

  • Conference paper
  • First Online:
Industrial Networks and Intelligent Systems (INISCOM 2019)

Abstract

In this study, we propose a new approach to determine intrusions of network in real-time based on statistical process control technique and kernel null space method. The training samples in a class are mapped to a single point using the Kernel Null Foley-Sammon Transform. The Novelty Score are computed from testing samples in order to determine the threshold for the real-time detection of anomaly. The efficiency of the proposed method is illustrated over the KDD99 data set. The experimental results show that our new method outperforms the OCSVM and the original Kernel Null Space method by 1.53% and 3.86% respectively in terms of accuracy.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Bodesheim, P., Freytag, A., Rodner, E., Denzler, J.: Local novelty detection in multi-class recognition problems. In: 2015 IEEE Winter Conference on Applications of Computer Vision (WACV), pp. 813–820. IEEE (2015)

    Google Scholar 

  2. Bodesheim, P., Freytag, A., Rodner, E., Kemmler, M., Denzler, J.: Kernel null space methods for novelty detection. In: Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition, pp. 3374–3381 (2013)

    Google Scholar 

  3. Borkar, A., Donode, A., Kumari, A.: A survey on intrusion detection system (IDS) and internal intrusion detection and protection system (IIDPS). In: International Conference on Inventive Computing and Informatics (ICICI), pp. 949–953. IEEE (2017)

    Google Scholar 

  4. Liu, J., Lian, Z., Wang, Y., Xiao, J.: Incremental kernel null space discriminant analysis for novelty detection. In: Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition, pp. 792–800 (2017)

    Google Scholar 

  5. Mercado, G.R., Conerly, M.D., Perry, M.B.: Phase i control chart based on a kernel estimator of the quantile function. Qual. Reliab. Eng. Int. 27(8), 1131–1144 (2011)

    Article  Google Scholar 

  6. Nguyen, Q.T., Tran, K.P., Castagliola, P., Truong, T.H., Nguyen, M.K., Lardjane, S.: Nested one-class support vector machines for network intrusion detection. In: 2018 IEEE Seventh International Conference on Communications and Electronics (ICCE), pp. 7–12. IEEE (2018)

    Google Scholar 

  7. Park, Y., Baek, S.H., Kim, S.H., Tsui, K.L.: Statistical process control-based intrusion detection and monitoring. Qual. Reliab. Eng. Int. 30(2), 257–273 (2014)

    Article  Google Scholar 

  8. Schölkopf, B., Platt, J.C., Shawe-Taylor, J., Smola, A.J., Williamson, R.C.: Estimating the support of a high-dimensional distribution. Neural Comput. 13(7), 1443–1471 (2001)

    Article  Google Scholar 

  9. Sheather, S.J., Marron, J.S.: Kernel quantile estimators. J. Am. Stat. Assoc. 85(410), 410–416 (1990)

    Article  MathSciNet  Google Scholar 

  10. Tavallaee, M., Bagheri, E., Lu, W., Ghorbani, A.A.: A detailed analysis of the KDD cup 99 data set. In: 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications, CISDA 2009, pp. 1–6. IEEE (2009)

    Google Scholar 

  11. Trinh, V.V., Tran, K.P., Huong, T.T.: Data driven hyperparameter optimization of one-class support vector machines for anomaly detection in wireless sensor networks. In: 2017 International Conference on Advanced Technologies for Communications (ATC), pp. 6–10, October 2017. https://doi.org/10.1109/ATC.2017.8167642

  12. Wang, Y., Wong, J., Miner, A.: Anomaly intrusion detection using one class SVM. In: Information Assurance Workshop, pp. 358–364 (2004)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Electronics and Telecommunications, Hanoi University of Science and Technology, Hanoi, Vietnam

    Thu Huong Truong & Phuong Bac Ta

  2. Division of Artificial Intelligence, Dong A University, Da Nang, Vietnam

    Quoc Thong Nguyen

  3. Faculty of Information Technology, Vietnam National University of Agriculture, Hanoi, Vietnam

    Huu Du Nguyen

  4. GEMTEX Laboratory, Ecole Nationale Sup des Arts et Industries Textiles, BP 30329 59056, Roubaix Cedex 1, France

    Kim Phuc Tran

Authors
  1. Thu Huong Truong
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Phuong Bac Ta
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Quoc Thong Nguyen
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Huu Du Nguyen
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Kim Phuc Tran
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Thu Huong Truong .

Editor information

Editors and Affiliations

  1. Queen's University Belfast, Belfast, UK

    Trung Quang Duong

  2. Faculty of Electrical and Electronics Engineering, Duy Tan University, Da Nang, Vietnam

    Nguyen-Son Vo

  3. Nong Lam University Ho Chi Minh City, Ho Chi Minh City, Vietnam

    Loi K. Nguyen

  4. School of Science and Technology, Middlesex University, London, UK

    Quoc-Tuan Vien

  5. School of Electronic Engineering, Soongsil University, Seoul, Korea (Republic of)

    Van-Dinh Nguyen

Rights and permissions

Reprints and permissions

Copyright information

© 2019 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Truong, T.H., Ta, P.B., Nguyen, Q.T., Du Nguyen, H., Tran, K.P. (2019). A Data-Driven Approach for Network Intrusion Detection and Monitoring Based on Kernel Null Space. In: Duong, T., Vo, NS., Nguyen, L., Vien, QT., Nguyen, VD. (eds) Industrial Networks and Intelligent Systems. INISCOM 2019. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 293. Springer, Cham. https://doi.org/10.1007/978-3-030-30149-1_11

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-30149-1_11

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-30148-4

  • Online ISBN: 978-3-030-30149-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation