UNKNOWN ATTACK DETECTION USING EVOLUTION IDENTIFICATION ON STREAMING NETWORK DATA

摘要

Over last few decades design of Network Intrusion Detection System (NIDS) has been a challenging problem faced by research community. Detection of unknown network attacks is one such challenge. Growing convergence of networks aided by complexity and wide reach of networks is fueling emergence of new types of network attacks, which traditional NID systems are failing to detect. The present invention design a NIDS scheme that efficiently detects such new and unknown network attacks. To address the problem unlike other approaches this assumes continuous streamed network data. The process then use cosine similarity on KDD99 labeled data set to build feature space. And then use ensemble of multi-classifiers to effectively classify known attacks and normal traffic. For detecting unknown attack a new algorithm is design using q-neighborhood silhouette coefficient for cohesion measurement and mean- square contingency coefficient for correlation measurement on outlier data. Following invention is described in detail with the help of Figure 1 of sheet 1 shows the Detection Algorithm used in the present invention.