Self-Learning Network Intrusion Detection
Copyright policy )Self-Learning Network Intrusion Detection
Zusammenfassung Services in the Internet are confronted with a growing amount and diversity of network attacks. Regular instruments of computer security increasingly fail to fend off this threat, as they rely on the manual generation of detection patterns and lack protection from unknown threats. In this article, we present a framework for self-learning intrusion detection, which allows for automatically identifying unknown attacks in the application layer of network communication. The framework links concepts from computer security and machine learning for deriving geometric models of normal network data and identifying attacks as deviations thereof. Empirically, this ability can be demonstrated on real network traffic, where a prototype of the framework identifies 80–97% of unknown attacks with less than 0.002% false positives and throughput rates between 26–60 Mbit/s.
- Technical University of Berlin Germany
selected citations These citations are derived from selected sources.This is an alternative to the "Influence" indicator, which also reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).1 popularity This indicator reflects the "current" impact/attention (the "hype") of an article in the research community at large, based on the underlying citation network.Average influence This indicator reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).Average impulse This indicator reflects the initial momentum of an article directly after its publication, based on the underlying citation network.Average
Citations provided by BIP!Popularity provided by BIP!