A new intrusion detection and alarm correlation technology based on neural network

Yansong Liu1,2, Li Zhu1
1Xi’an Jiao Tong University, Xi’an, China
2Shandong Management University, Jinan, China

Abstract

With the continuous development of computer networks, network security has become an increasingly prominent concern. A major threat to network security is the intrusion of information systems through the network. Traditional intrusion detection and alarm technology is not sufficient. This paper studies intrusion detection and alarm correlation technology based on neural networks. Building on a study of the working principle and workflow of existing intrusion detection systems, a new neural network-based intrusion detection and alarm method is proposed, and a neural network-based intrusion detection and alarm system is designed and implemented. Experiments on the system prototype show that the neural network-based intrusion detection and alarm system has a higher detection rate and a lower false alarm rate for intrusion behaviors such as denial of service attacks, and a higher detection ability for unknown attack behaviors.
