Novelty-Aware Attack Recognition - Intrusion Detection with Organic Computing Techniques

Abstract: A typical task of intrusion detection systems is to detect known kinds of attacks by analyzing network traffic. In this article, we will take a step forward and enable such a system to recognize very new kinds of attacks by means of novelty-awareness mechanisms. That is, an intrusion detection system will be able to recognize deficits in its own knowledge and to react accordingly. It will present a learned rule premise to the system administrator which will then be labeled, i.e., extended by an appropriate conclusion. In this article, we present new techniques for novelty-aware attack recognition based on probabilistic rule modeling techniques and demonstrate how these techniques can successfully be applied to intrusion benchmark data. The proposed novelty-awareness techniques may also be used in other application fields by intelligent technical systems (e.g., organic computing systems) to resolve problems with knowledge deficits in a self-organizing way.
Document type:
Conference paper
Mike Hinchey; Bernd Kleinjohann; Lisa Kleinjohann; Peter A. Lindsay; Franz J. Rammig; Jon Timmis; Marilyn Wolf. 7th IFIP TC 10 Working Conference on Distributed, Parallel and Biologically Inspired Systems (DIPES) / 3rd IFIP TC 10 International Conference on Biologically-Inspired Collaborative Computing (BICC) / Held as Part of World Computer Congress (WCC) , Sep 2010, Brisbane, Australia. Springer, IFIP Advances in Information and Communication Technology, AICT-329, pp.242-253, 2010, Distributed, Parallel and Biologically Inspired Systems. 〈10.1007/978-3-642-15234-4_24〉

https://hal.inria.fr/hal-01054495
Contributor: Hal Ifip
Submitted on: Thursday, August 7, 2014 - 11:09:04
Last modified on: Friday, December 1, 2017 - 01:09:52
Document(s) archived on: Wednesday, November 26, 2014 - 01:25:17

File

final_03.pdf
Files produced by the author(s)

License

Distributed under a Creative Commons Attribution 4.0 International License

Citation

Dominik Fisch, Ferdinand Kastl, Bernhard Sick. Novelty-Aware Attack Recognition - Intrusion Detection with Organic Computing Techniques. Mike Hinchey; Bernd Kleinjohann; Lisa Kleinjohann; Peter A. Lindsay; Franz J. Rammig; Jon Timmis; Marilyn Wolf. 7th IFIP TC 10 Working Conference on Distributed, Parallel and Biologically Inspired Systems (DIPES) / 3rd IFIP TC 10 International Conference on Biologically-Inspired Collaborative Computing (BICC) / Held as Part of World Computer Congress (WCC) , Sep 2010, Brisbane, Australia. Springer, IFIP Advances in Information and Communication Technology, AICT-329, pp.242-253, 2010, Distributed, Parallel and Biologically Inspired Systems. 〈10.1007/978-3-642-15234-4_24〉. 〈hal-01054495〉

Metrics

Record views

150

File downloads

181