A comparison of different technique in flow based anomaly detection
By performing network traffic analyzing in different datasets, Intrusion Detection Systems (IDS) that works based on anomaly techniques learn the pattern of anomalous and normal behavior. The huge data size in IDSs dataset to process is known as the trend challenge. It causes high false alarms rates...
Saved in:
| Main Author: | |
|---|---|
| Format: | Thesis |
| Language: | English |
| Published: |
2017
|
| Online Access: | http://psasir.upm.edu.my/id/eprint/71066/1/FSKTM%202017%2010%20-%20IR.pdf http://psasir.upm.edu.my/id/eprint/71066/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| id |
my.upm.eprints.71066 |
|---|---|
| record_format |
eprints |
| spelling |
my.upm.eprints.710662019-08-13T08:37:06Z http://psasir.upm.edu.my/id/eprint/71066/ A comparison of different technique in flow based anomaly detection Salah, Mohammad By performing network traffic analyzing in different datasets, Intrusion Detection Systems (IDS) that works based on anomaly techniques learn the pattern of anomalous and normal behavior. The huge data size in IDSs dataset to process is known as the trend challenge. It causes high false alarms rates and low rates of detection. In this proposal, a new method which functions based on the Online Sequential Extreme Learning Machine (OS-ELM) is introduced for detecting intrusions in the network. Our proposed method detect anomaly by using alpha profiling technique and by utilizing a group of filtered, feature selection techniques based on Consistency and Correlation has eliminated the inappropriate features. Beta profiling technique has been used in order to decrease the training dataset’s size, as an alternative for sampling technique. In order to evaluate the efficiency of the proposed method we used the standard version of Network Security Laboratory-Knowledge Discovery and Data Mining (NSL-KDD2009) dataset. According to the primary achieved results from our experiments, it is assumed that our proposed IDS method can achieve lower rate of false positive and higher accuracy when using NSL-KDD dataset. It can also be seen that our proposed method is more eƥcient than conventional methods in intrusion detection. 2017-01 Thesis NonPeerReviewed text en http://psasir.upm.edu.my/id/eprint/71066/1/FSKTM%202017%2010%20-%20IR.pdf Salah, Mohammad (2017) A comparison of different technique in flow based anomaly detection. Masters thesis, Universiti Putra Malaysia. |
| institution |
Universiti Putra Malaysia |
| building |
UPM Library |
| collection |
Institutional Repository |
| continent |
Asia |
| country |
Malaysia |
| content_provider |
Universiti Putra Malaysia |
| content_source |
UPM Institutional Repository |
| url_provider |
http://psasir.upm.edu.my/ |
| language |
English |
| description |
By performing network traffic analyzing in different datasets, Intrusion Detection Systems (IDS) that works based on anomaly techniques learn the pattern of anomalous and normal behavior. The huge data size in IDSs dataset to process is known as the trend challenge. It causes high false alarms rates and low rates of detection. In this proposal, a new method which functions based on the Online Sequential Extreme Learning Machine (OS-ELM) is introduced for detecting intrusions in the network. Our proposed method detect anomaly by using alpha profiling technique and by utilizing a group of filtered, feature selection techniques based on Consistency and Correlation has eliminated the inappropriate features. Beta profiling technique has been used in order to decrease the training dataset’s size, as an alternative for sampling technique. In order to evaluate the efficiency of the proposed method we used the standard version of Network Security Laboratory-Knowledge Discovery and Data Mining (NSL-KDD2009) dataset. According to the primary achieved results from our experiments, it is assumed that our proposed IDS method can achieve lower rate of false positive and higher accuracy when using NSL-KDD dataset. It can also be seen that our proposed method is more eƥcient than conventional methods in intrusion detection. |
| format |
Thesis |
| author |
Salah, Mohammad |
| spellingShingle |
Salah, Mohammad A comparison of different technique in flow based anomaly detection |
| author_facet |
Salah, Mohammad |
| author_sort |
Salah, Mohammad |
| title |
A comparison of different technique in flow based anomaly detection |
| title_short |
A comparison of different technique in flow based anomaly detection |
| title_full |
A comparison of different technique in flow based anomaly detection |
| title_fullStr |
A comparison of different technique in flow based anomaly detection |
| title_full_unstemmed |
A comparison of different technique in flow based anomaly detection |
| title_sort |
comparison of different technique in flow based anomaly detection |
| publishDate |
2017 |
| url |
http://psasir.upm.edu.my/id/eprint/71066/1/FSKTM%202017%2010%20-%20IR.pdf http://psasir.upm.edu.my/id/eprint/71066/ |
| _version_ |
1643839821693583360 |
| score |
13.211869 |