Title :
A unit-circle classification algorithm to characterize back attack and normal traffic for intrusion detection
Author :
Suthaharan, Shan
Author_Institution :
Dept. of Comput. Sci., Univ. of North Carolina at Greensboro, Greensboro, NC, USA
Abstract :
A simple, yet effective, unit-circle algorithm for an intrusion detection system is presented. It defines normal and abnormal classes using the normalized “standard scores” of the traffic data with a novel unit-circle representation. In this approach, the feature values of the traffic data are first standardized to reduce statistical dependencies of local structural variations within a class and then normalized to isolate statistical inaccuracies between classes. A unit-circle is then constructed using two selected features. The unit-circle algorithm reveals that the normal and the back attack traffic in NSL-KDD datasets fall inside the normal and the abnormal classes respectively. Hence we have robust definitions for the back attack and normal traffic activities in a computer network based on NSL-KDD dataset.
Keywords :
computer network security; pattern classification; statistical analysis; telecommunication traffic; NSL-KDD datasets; back attack characterization; computer network; intrusion detection; local structural variations; normal traffic; standard scores; statistical dependencies; unit-circle classification algorithm; unit-circle representation; Classification algorithms; Feature extraction; Intrusion detection; Mathematical model; Robustness; Standards; USA Councils; back attack; classification; intrusion detection; labeled dataset; standard score;
Conference_Titel :
Intelligence and Security Informatics (ISI), 2012 IEEE International Conference on
Conference_Location :
Arlington, VA
Print_ISBN :
978-1-4673-2105-1
DOI :
10.1109/ISI.2012.6284275
