Abstract

Network Intrusion Prevention System Using Machine Learning Techniques

Chanakya G*, Kunal P, Sumedh S, Priyanka W, Mahalle PN

Secure data communication over networks is always under threat of intrusion and misuse. A Network Intrusion Prevention and Detection System (IPDS) is a valuable tool for the defense-in-depth of computer networks. Network IPDSs look for known or potentially malicious activity in network traffic and raise an alarm whenever suspicious activity is detected. The Intrusion Detection Systems (IDS) most commonly used in enterprise networks are signature-based, because they can efficiently detect known attacks while generating a relatively low number of false positives. Anomaly-based detection systems usually produce a relatively higher number of false positives than misuse-based or signature-based detection systems, because only a fraction of the anomalous traffic is derived from intrusion attempts. In fact, it has been shown that the false positive rate is the true limiting factor for the performance of an IDS, and that in order to substantially increase the Bayesian detection rate, P(Intrusion | Alarm), the IDS must have a very low false positive rate. One-class classification algorithms pursue concept learning in the absence of counterexamples, and have been shown to be promising for network anomaly detection. This project aims to use a one-class classifier, the One-Class Support Vector Machine, to detect network attacks that take the form of port-scan attacks at very low false positive rates.
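The dependence of P(Intrusion | Alarm) on the false positive rate stated in the abstract, worked through as an added Python example (not code from the paper). The base rate, detection rate and all function names are assumptions chosen for illustration.

```python
# Added example: Bayesian detection rate P(Intrusion | Alarm) vs. false positive rate.
# All rates used here are constructed for illustration, not measurements from the paper.

def _check(name, value):
    if not 0.0 <= value <= 1.0:
        raise ValueError(f"{name} must be a probability in [0, 1], got {value}")

def bayesian_detection_rate(base_rate, tpr, fpr):
    """P(I|A) = P(A|I)P(I) / (P(A|I)P(I) + P(A|not I)P(not I))."""
    for name, value in (("base_rate", base_rate), ("tpr", tpr), ("fpr", fpr)):
        _check(name, value)
    true_alarm = tpr * base_rate            # P(A|I) * P(I)
    false_alarm = fpr * (1.0 - base_rate)   # P(A|not I) * P(not I)
    if true_alarm + false_alarm == 0.0:
        return 0.0                          # the detector never raises an alarm
    return true_alarm / (true_alarm + false_alarm)

def max_fpr_for_target(base_rate, tpr, target):
    """Largest false positive rate that still gives P(I|A) >= target."""
    for name, value in (("base_rate", base_rate), ("tpr", tpr), ("target", target)):
        _check(name, value)
    if target == 0.0 or base_rate == 1.0:
        raise ValueError("need target > 0 and base_rate < 1")
    # Solve target = t / (t + fpr * (1 - p)) for fpr, with t = tpr * p.
    bound = tpr * base_rate * (1.0 - target) / (target * (1.0 - base_rate))
    return min(bound, 1.0)

def expected_alarms(events, base_rate, tpr, fpr):
    """Expected (true, false) alarm counts among `events` inspected flows."""
    return events * base_rate * tpr, events * (1.0 - base_rate) * fpr

if __name__ == "__main__":
    BASE_RATE = 1e-4   # assumed: 1 flow in 10,000 belongs to a port scan
    TPR = 0.9          # assumed detection rate P(Alarm | Intrusion)
    for fpr in (1e-2, 1e-3, 1e-4, 1e-5):
        p = bayesian_detection_rate(BASE_RATE, TPR, fpr)
        true_a, false_a = expected_alarms(1_000_000, BASE_RATE, TPR, fpr)
        print(f"FPR={fpr:.0e}  P(I|A)={p:.4f}  true={true_a:.0f}  false={false_a:.0f}")
    print("FPR needed for P(I|A) >= 0.5:", max_fpr_for_target(BASE_RATE, TPR, 0.5))
```

With these assumed rates, a 1% false positive rate means fewer than one alarm in a hundred is a real scan, while the detection rate itself is unchanged.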
