DocumentCode :
2081442
Title :
Multivariate statistical analysis of network traffic for intrusion detection
Author :
Kanaoka, Akira ; Okamoto, Eiji
Author_Institution :
Tsukuba Univ., Japan
fYear :
2003
fDate :
1-5 Sept. 2003
Firstpage :
472
Lastpage :
476
Abstract :
In the field of intrusion detection research, it is often said that anomaly detection has a high false positive (FP) rate, though no sufficient analysis has been presented so far. To investigate this assertion, this paper analyzes network traffic data using a multivariate statistical analysis method. The data set used for the analysis is the 1998 DARPA Intrusion Detection Evaluation Data. The information type applied to detect intrusion has been chosen empirically or intuitively. Our result supports that such an information type is correct, and moreover on-line processing achieves a lower FP rate with a high attack detection rate than batch processing in most cases.
Keywords :
computer networks; data analysis; electronic data interchange; security of data; statistical analysis; telecommunication security; telecommunication traffic; anomaly detection; attack detection; data analysis; false positive rate; intrusion detection; multivariate statistical analysis; network traffic data; online processing; Conferences; Databases; Expert systems; Intrusion detection; Statistical analysis; Telecommunication traffic;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
Database and Expert Systems Applications, 2003. Proceedings. 14th International Workshop on
ISSN :
1529-4188
Print_ISBN :
0-7695-1993-8
Type :
conf
DOI :
10.1109/DEXA.2003.1232068
Filename :
1232068