Authors: Benferhat Salem and Tabia Karim

Affiliation: CRIL-CNRS UMR8188, Université d'Artois, France

Keyword(s): Intrusion detection, behavioral approaches, Bayesian networks.

Related Ontology Subjects/Areas/Topics: Artificial Intelligence ; Computational Intelligence ; Evolutionary Computing ; Knowledge Discovery and Information Retrieval ; Knowledge-Based Systems ; Machine Learning ; Soft Computing ; Symbolic Systems

Abstract: In recent years, behavioral approaches, which represent normal/abnormal activities, have been widely used in intrusion detection. However, they are ineffective for detecting novel attacks involving new behaviors. This paper first analyzes and explains this recurring problem, which is due on the one hand to inadequate handling of anomalous and unusual audit events and on the other hand to insufficient decision rules which do not meet behavioral approach objectives. We then propose to enhance the standard classification rules in order to fit behavioral approach requirements and detect novel attacks. Experimental studies carried out on real and simulated HTTP traffic show that these enhanced decision rules make it possible to detect most novel attacks without triggering higher false alarm rates.

CC BY-NC-ND 4.0

Paper citation in several formats:
Salem, B. and Karim, T. (2008). ON THE DETECTION OF NOVEL ATTACKS USING BEHAVIORAL APPROACHES. In Proceedings of the Third International Conference on Software and Data Technologies - Volume 1: ICSOFT; ISBN 978-989-8111-51-7; ISSN 2184-2833, SciTePress, pages 265-272. DOI: 10.5220/0001894302650272

@conference{icsoft08,
author={Benferhat Salem and Tabia Karim},
title={ON THE DETECTION OF NOVEL ATTACKS USING BEHAVIORAL APPROACHES},
booktitle={Proceedings of the Third International Conference on Software and Data Technologies - Volume 1: ICSOFT},
year={2008},
pages={265-272},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0001894302650272},
isbn={978-989-8111-51-7},
issn={2184-2833},
}

TY - CONF

JO - Proceedings of the Third International Conference on Software and Data Technologies - Volume 1: ICSOFT
TI - ON THE DETECTION OF NOVEL ATTACKS USING BEHAVIORAL APPROACHES
SN - 978-989-8111-51-7
IS - 2184-2833
AU - Salem, B.
AU - Karim, T.
PY - 2008
SP - 265
EP - 272
DO - 10.5220/0001894302650272
PB - SciTePress