Empirical Evaluation of the Internet Analysis System for Application in the Field of Anomaly Detection

Publication: Contribution to book/report/conference proceedings, conference contribution

Abstract

Anomaly detection in computer networks is an actively researched topic in the field of intrusion detection. The Internet Analysis System (IAS) is a software framework which provides passive probes and centralized backend services to collect purely statistical network data in distributed computer networks. This paper presents an empirical evaluation of the IAS data format for detecting anomalies caused by attack traffic. This process involved the generation of labeled evaluation data based on the 1999 DARPA Intrusion Detection Evaluation data sets and two different supervised machine learning approaches for the assessment. The results of this evaluation conclude that the IAS is not a convenient data source for advanced anomaly detection in the scope of our research.
Original language: English
Title: Proceedings - European Conference on Computer Network Defense, EC2ND 2010
Publisher: IEEE Computer Society Press
Pages: 63-70
Number of pages: 8
ISBN (Print): 9780769543116
Publication status: Published - 2010
Event: EC2ND 2010 - Berlin, Germany
Duration: 28 Oct 2010 to 29 Oct 2010
http://2010.ec2nd.org

Publication series

Name: Proceedings - European Conference on Computer Network Defense, EC2ND 2010

Conference

Conference: EC2ND 2010
Country/Territory: Germany
City: Berlin
Period: 28.10.2010 to 29.10.2010

Keywords

  • evaluation data
  • intrusion detection
  • machine learning
  • supervised anomaly detection
