Title :
Network surveillance and multi-group intrusion classification
Author :
Kou, Gang ; Yan, Nian ; Peng, Yi ; Shi, Yong ; Chen, Zhengxin
Author_Institution :
Peter Kiewit Inst. of Inf. Sci., Technol. & Eng., Nebraska Univ., Omaha, NE, USA
Abstract :
The early and reliable detection of malicious attacks is a crucial issue for today's network security and survivability. Different types of attacks may need different responses. Therefore, it is a meaningful task to predict the category of malicious attacks and take appropriate reactions. The goal of this paper is to apply the multiple-criteria linear programming (MCLP) method to the multi-group intrusion classification problem. Specifically, we first collect a multi-group network intrusion dataset using Tenable NeWT Security Scanner. Five attack types and a total of 9061 data records were captured. After that, the MCLP five-group model was applied to the NeWT dataset. The classification accuracy of MCLP was compared with see5, a decision-tree-based classification tool. The experimental results of this research indicate that MCLP achieves comparable classification accuracy to see5.
Keywords :
linear programming; pattern classification; security of data; surveillance; telecommunication security; Tenable NeWT Security Scanner; five-group model; malicious attack detection; multigroup intrusion classification; multigroup network intrusion dataset; multiple-criteria linear programming; network security; network surveillance; Classification tree analysis; Data engineering; Data security; IP networks; Information science; Knowledge engineering; Knowledge management; Linear programming; Local area networks; Surveillance;
Conference_Title :
Services Systems and Services Management, 2005. Proceedings of ICSSSM '05. 2005 International Conference on
Print_ISBN :
0-7803-8971-9
DOI :
10.1109/ICSSSM.2005.1500112