A unit-circle classification algorithm to characterize back attack and normal traffic for intrusion detection

Author

Suthaharan, Shan

Author_Institution

Dept. of Comput. Sci., Univ. of North Carolina at Greensboro, Greensboro, NC, USA

fYear

2012

fDate

11-14 June 2012

Firstpage

150

Lastpage

152

Abstract

A simple, yet effective, unit-circle algorithm for an intrusion detection system is presented. It defines normal and abnormal classes using the normalized “standard scores” of the traffic data with a novel unit-circle representation. In this approach, the feature values of the traffic data are first standardized to reduce statistical dependencies of local structural variations within a class and then normalized to isolate statistical inaccuracies between classes. A unit-circle is then constructed using two selected features. The unit-circle algorithm reveals that the normal and the back attack traffic in NSL-KDD datasets fall inside the normal and the abnormal classes respectively. Hence we have robust definitions for the back attack and normal traffic activities in a computer network based on NSL-KDD dataset.

Keywords

computer network security; pattern classification; statistical analysis; telecommunication traffic; NSL-KDD datasets; back attack characterization; computer network; intrusion detection; local structural variations; normal traffic; standard scores; statistical dependencies; unit-circle classification algorithm; unit-circle representation; Classification algorithms; Feature extraction; Intrusion detection; Mathematical model; Robustness; Standards; USA Councils; back attack; classification; intrusion detection; labeled dataset; standard score;

fLanguage

English

Publisher

ieee

Conference_Titel

Intelligence and Security Informatics (ISI), 2012 IEEE International Conference on

Conference_Location

Arlington, VA

Print_ISBN

978-1-4673-2105-1

Type

conf

DOI

10.1109/ISI.2012.6284275

Filename

6284275