Research Output

A nonlinear correlation measure for Intrusion Detection

  The popularity of using internet contains some risks of network attacks. It has attracted the attention of many researchers to overcome this problem. One of the effective ways that plays an important role to achieve higher security and protect networks against attacks is the use of intrusion detection systems. Intrusion detection systems are defined as security techniques that tend to detect individuals who are trying to sneak into a system without authorization. However, one technical challenge in intrusion detection systems is high rate of false positive alarms which affect their performance. To solve this problem, we propose an effective method, which can accurately find the correlation between network records. In this work, we compare the results using a linear measure and a nonlinear measure based on correlation coefficient and mutual information. Experiments on KDD Cup 99 data set show that our proposed method using the nonlinear correlation measure can not only reduce the rate of false alarms but also efficiently distinguish normal and abnormal behaviors, and provide higher detection and accuracy rate then using the linear correlation measure.

  • Type:

    Conference Paper (unpublished)

  • Date:

    16 November 2012

  • Publication Status:

    Unpublished

  • Library of Congress:

    QA75 Electronic computers. Computer science

  • Dewey Decimal Classification:

    005.8 Data security

Citation

Ambusaidi, M., Lu, L. F., He, X., Tan, Z., Jamdagni, A., & Nanda, P. (2012, November). A nonlinear correlation measure for Intrusion Detection. Paper presented at The 7th International Conference on Frontier of Computer Science and Technology (FCST-12)

Authors

Keywords

Intrusion Detection; Nonlinear correlation; Mutual Information (MI); Pearson's Correlation coefficient

Monthly Views:

Available Documents

  • pdf

    A nonlinear correlation measure for Intrusion Detection

    379KB

    © 2015 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.

  • Downloadable citations

    HTML BIB RTF