Novelty-Aware Attack Recognition - Intrusion Detection with Organic Computing Techniques - Distributed, Parallel and Biologically Inspired Systems
Conference Papers Year : 2010

Novelty-Aware Attack Recognition - Intrusion Detection with Organic Computing Techniques

Abstract

A typical task of intrusion detection systems is to detect known kinds of attacks by analyzing network traffic. In this article, we will take a step forward and enable such a system to recognize very new kinds of attacks by means of novelty-awareness mechanisms. That is, an intrusion detection system will be able to recognize deficits in its own knowledge and to react accordingly. It will present a learned rule premise to the system administrator which will then be labeled, i.e., extended by an appropriate conclusion. In this article, we present new techniques for novelty-aware attack recognition based on probabilistic rule modeling techniques and demonstrate how these techniques can successfully be applied to intrusion benchmark data. The proposed novelty-awareness techniques may also be used in other application fields by intelligent technical systems (e.g., organic computing systems) to resolve problems with knowledge deficits in a self-organizing way.
Fichier principal
Vignette du fichier
final_03.pdf (171.04 Ko) Télécharger le fichier
Origin Files produced by the author(s)
Loading...

Dates and versions

hal-01054495 , version 1 (07-08-2014)

Licence

Identifiers

Cite

Dominik Fisch, Ferdinand Kastl, Bernhard Sick. Novelty-Aware Attack Recognition - Intrusion Detection with Organic Computing Techniques. 7th IFIP TC 10 Working Conference on Distributed, Parallel and Biologically Inspired Systems (DIPES) / 3rd IFIP TC 10 International Conference on Biologically-Inspired Collaborative Computing (BICC) / Held as Part of World Computer Congress (WCC) , Sep 2010, Brisbane, Australia. pp.242-253, ⟨10.1007/978-3-642-15234-4_24⟩. ⟨hal-01054495⟩
249 View
307 Download

Altmetric

Share

More