loading
Papers

Research.Publish.Connect.

Paper

Paper Unlock

Authors: Benferhat Salem and Tabia Karim

Affiliation: CRIL-CNRS UMR8188, Universite´ d’Artois, France

ISBN: 978-989-8111-51-7

Keyword(s): Intrusion detection, behavioral approaches, Bayesian networks.

Related Ontology Subjects/Areas/Topics: Artificial Intelligence ; Computational Intelligence ; Evolutionary Computing ; Knowledge Discovery and Information Retrieval ; Knowledge-Based Systems ; Machine Learning ; Soft Computing ; Symbolic Systems

Abstract: During last years, behavioral approaches, representing normal/abnormal activities, have been widely used in intrusion detection. However, they are ineffective for detecting novel attacks involving new behaviors. This paper first analyzes and explains this recurring problem due on one hand to inadequate handling of anomalous and unusual audit events and on other hand to insufficient decision rules which do not meet behavioral approach objectives. We then propose to enhance the standard classification rules in order to fit behavioral approach requirements and detect novel attacks. Experimental studies carried out on real and simulated htt p traffic show that these enhanced decision rules allow to detect most novel attacks without triggering higher false alarm rates.

PDF ImageFull Text

Download
CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 35.175.191.72

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Salem B.; Karim T. and (2008). ON THE DETECTION OF NOVEL ATTACKS USING BEHAVIORAL APPROACHES.In Proceedings of the Third International Conference on Software and Data Technologies - Volume 1: ICSOFT, ISBN 978-989-8111-51-7, pages 265-272. DOI: 10.5220/0001894302650272

@conference{icsoft08,
author={Benferhat Salem and Tabia Karim},
title={ON THE DETECTION OF NOVEL ATTACKS USING BEHAVIORAL APPROACHES},
booktitle={Proceedings of the Third International Conference on Software and Data Technologies - Volume 1: ICSOFT,},
year={2008},
pages={265-272},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0001894302650272},
isbn={978-989-8111-51-7},
}

TY - CONF

JO - Proceedings of the Third International Conference on Software and Data Technologies - Volume 1: ICSOFT,
TI - ON THE DETECTION OF NOVEL ATTACKS USING BEHAVIORAL APPROACHES
SN - 978-989-8111-51-7
AU - Salem, B.
AU - Karim, T.
PY - 2008
SP - 265
EP - 272
DO - 10.5220/0001894302650272

Login or register to post comments.

Comments on this Paper: Be the first to review this paper.