Title :
A Dynamic Normal Profiling for Anomaly Detection
Author_Institution :
Center for Intell. Sci. & Technol. Res., Beijing Univ. of Posts & Telecommun., Beijing, China
Abstract :
Machine learning-based anomaly detection approaches have attracted increasing attention in the intrusion detection community because of their intrinsic capabilities in discovering novel attacks. This paper introduces a dynamic normal profiling for anomaly detection system. It focuses on three specific contributions: (i) It continuously updates the normal profile by keeping the dynamic window size, (ii) The dynamic window adjustment through a concept drift learning algorithm which helps to keep relevant patterns and get rid of the outdated patterns, (iii) The dynamical normal profiling approach makes it a possible way for real-time anomaly detection. Experimental results show that our anomaly detection schemes are successful in automatically detecting the anomaly.
Keywords :
learning (artificial intelligence); security of data; concept drift learning algorithm; dynamic normal profiling; dynamic window adjustment; dynamic window size; intrusion detection community; machine learning-based anomaly detection; Access control; Appropriate technology; Authentication; Detection algorithms; History; Intrusion detection; Machine learning; Machine learning algorithms; Protocols; Research and development;
Conference_Titel :
Wireless Communications, Networking and Mobile Computing, 2009. WiCom '09. 5th International Conference on
Conference_Location :
Beijing
Print_ISBN :
978-1-4244-3692-7
Electronic_ISBN :
978-1-4244-3693-4
DOI :
10.1109/WICOM.2009.5301988
