首页> 美国卫生研究院文献>The Scientific World Journal >A Dynamic Intrusion Detection System Based on Multivariate Hotellings T2 Statistics Approach for Network Environments
【2h】

A Dynamic Intrusion Detection System Based on Multivariate Hotellings T2 Statistics Approach for Network Environments

机译:网络环境下基于多元Hotelling T2统计方法的动态入侵检测系统

代理获取
本网站仅为用户提供外文OA文献查询和代理获取服务,本网站没有原文。下单后我们将采用程序或人工为您竭诚获取高质量的原文,但由于OA文献来源多样且变更频繁,仍可能出现获取不到、文献不完整或与标题不符等情况,如果获取不到我们将提供退款服务。请知悉。

摘要

The ever expanding communication requirements in today's world demand extensive and efficient network systems with equally efficient and reliable security features integrated for safe, confident, and secured communication and data transfer. Providing effective security protocols for any network environment, therefore, assumes paramount importance. Attempts are made continuously for designing more efficient and dynamic network intrusion detection models. In this work, an approach based on Hotelling's T2 method, a multivariate statistical analysis technique, has been employed for intrusion detection, especially in network environments. Components such as preprocessing, multivariate statistical analysis, and attack detection have been incorporated in developing the multivariate Hotelling's T2 statistical model and necessary profiles have been generated based on the T-square distance metrics. With a threshold range obtained using the central limit theorem, observed traffic profiles have been classified either as normal or attack types. Performance of the model, as evaluated through validation and testing using KDD Cup'99 dataset, has shown very high detection rates for all classes with low false alarm rates. Accuracy of the model presented in this work, in comparison with the existing models, has been found to be much better.
机译:在当今世界,不断增长的通信要求要求具有集成的高效,可靠的安全功能的广泛,高效的网络系统,以实现安全,自信和安全的通信和数据传输。因此,为任何网络环境提供有效的安全协议至关重要。不断地尝试设计更有效和动态的网络入侵检测模型。在这项工作中,尤其是在网络环境中,已经采用了基于Hotelling的T 2 方法(一种多元统计分析技术)的方法来进行入侵检测。在开发多元Hotelling的T 2 统计模型时,已结合了诸如预处理,多元统计分析和攻击检测等组件,并已基于T平方距离度量标准生成了必要的配置文件。通过使用中心极限定理获得的阈值范围,可以将观察到的流量配置文件分为正常类型或攻击类型。通过使用KDD Cup'99数据集进行的验证和测试所评估的模型的性能显示,对于所有类别的虚假警报率都很低,检出率非常高。已经发现,与现有模型相比,本文提出的模型的准确性要好得多。

著录项

相似文献

  • 外文文献
  • 中文文献
  • 专利
代理获取

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有
  • 客服微信

  • 服务号