论文信息 - Guessing strategy for improving intrusion detections

Guessing strategy for improving intrusion detections

Intrusion detectors isolate intrusions based on allowable and disallowable activities. The disallowable policy enforcers will alert only on events that are known to be bad while the allowable policy enforcer will alert on events that deviate from those that have been classified as good. However, these trade-offs become difficult to balance in a recent time due to the complexity of computer attacks. Accordingly, intrusion detectors generate tons of alerts that may signify realistic and false attacks. Most often, failed attacks are erroneously predicted and processed while classification trees that should have given detail descriptions of each clusters of the attacks are poorly constructed. This is because the qualities of clustering schemes that are generated are not evaluated with an appropriate model. Consequently, attacks in progress are not forestalled despite alerts that intrusion detectors generate beforehand. Therefore, this paper presents category utility paradigm for showing a good way of using clustering algorithm to partition audit trails. Series of evaluations showed how to adopt guessing strategy to improve the efficacy of intrusion detections.

Joshua Ojo Nehinbe | J. Nehinbe

[1] Douglas H. Fisher,et al. Knowledge Acquisition Via Incremental Conceptual Clustering , 1987, Machine Learning.

[2] Jiawei Han,et al. Data Mining: Concepts and Techniques , 2000 .

[3] C.J.H. Mann,et al. Handbook of Data Mining and Knowledge Discovery , 2004 .

[4] Ivo Marinchev. Applying Category Utility and Partition Utility Functions to Semantic-Based Conceptual Clustering Approach , 2007 .

[5] Boris G. Mirkin,et al. Reinterpreting the Category Utility Function , 2001, Machine Learning.

[6] Sun Kim,et al. Cluster Utility: A new metric to guide sequence clustering algorithms , 2003 .

[7] Ali Movaghar-Rahimabadi,et al. Intrusion Detection: A Survey , 2008, 2008 Third International Conference on Systems and Networks Communications.

[8] Ji Hyea Han,et al. Data Mining : Concepts and Techniques 2 nd Edition Solution Manual , 2005 .

[9] M. Gluck,et al. Explaining Basic Categories: Feature Predictability and Information , 1992 .

[10] Mark A. Gluck,et al. Information, Uncertainty and the Utility of Categories , 1985 .

[11] Karen A. Scarfone,et al. Guide to Intrusion Detection and Prevention Systems (IDPS) , 2007 .