| Future Internet | |
| Inefficiency of IDS Static Anomaly Detectors in Real-World Networks | |
| Edward Guillen1 Jeisson Sánchez1 Rafael Paez2 | |
| [1] Telecommunication Engineering Department, Nueva Granada Military University, Bogotá 110911, Colombia; E-Mail:;Engineering Systems Department, Xaverian University, Bogotá 110911, Colombia; E-Mail: | |
| 关键词: NIDS; knowledge database; artificial neural networks; anomaly detection; information security; intelligent detection; | |
| DOI : 10.3390/fi7020094 | |
| 来源: mdpi | |
 PDF
|
|
【 摘 要 】
A wide range of IDS implementations with anomaly detection modules have been deployed. In general, those modules depend on intrusion knowledge databases, such as Knowledge Discovery Dataset (KDD99), Center for Applied Internet Data Analysis (CAIDA) or Community Resource for Archiving Wireless Data at Dartmouth (CRAWDAD), among others. Once the database is analyzed and a machine learning method is employed to generate detectors, some classes of new detectors are created. Thereafter, detectors are supposed to be deployed in real network environments in order to achieve detection with good results for false positives and detection rates. Since the traffic behavior is quite different according to the user’s network activities over available services, restrictions and applications, it is supposed that behavioral-based detectors are not well suited to all kind of networks. This paper presents the differences of detection results between some network scenarios by applying traditional detectors that were calculated with artificial neural networks. The same detector is deployed in different scenarios to measure the efficiency or inefficiency of static training detectors.
【 授权许可】
CC BY
© 2015 by the authors; licensee MDPI, Basel, Switzerland.
【 预 览 】
| Files | Size | Format | View |
|---|---|---|---|
| RO202003190012686ZK.pdf | 1013KB |  download |
878987797
028-85220240
