A machine learning approach with verification of predictions and assisted supervision for a rule-based network intrusion detection system

Fernández Villamor, José Ignacio and Garijo Ayestaran, Mercedes (2008). A machine learning approach with verification of predictions and assisted supervision for a rule-based network intrusion detection system. In: "WEBIST 2008: 4th International Conference on Web Information Systems and Technologies", 04/05/2008-07/05/2008, Funchal, Portugal. ISBN 978-989-8111-26-5.

Description

Title: A machine learning approach with verification of predictions and assisted supervision for a rule-based network intrusion detection system
Author/s:
  • Fernández Villamor, José Ignacio
  • Garijo Ayestaran, Mercedes
Item Type: Presentation at Congress or Conference (Article)
Event Title: WEBIST 2008: 4th International Conference on Web Information Systems and Technologies
Event Dates: 04/05/2008-07/05/2008
Event Location: Funchal, Portugal
Title of Book: WEBIST 2008: Proceedings of the 4th International Conference on Web Information Systems and Technologies
Date: 2008
ISBN: 978-989-8111-26-5
Subjects:
Freetext Keywords: Network Intrusion Detection Systems, Rules of inference, Machine learning, Decision trees, Self-organizing maps
Faculty: E.T.S.I. Telecomunicación (UPM)
Department: Ingeniería de Sistemas Telemáticos [hasta 2014]
Creative Commons Licenses: Recognition - No derivative works - Non commercial

Abstract

Network security is a branch of network management in which network intrusion detection systems provide attack detection features by monitoring traffic data. Rule-based misuse detection systems use a set of rules or signatures to detect attacks that exploit a particular vulnerability. These rules have to be hand-coded by experts to properly identify vulnerabilities, which results in misuse detection systems having limited extensibility. This paper proposes a machine learning layer on top of a rule-based misuse detection system that provides automatic generation of detection rules, prediction verification and assisted classification of new data. Our system offers good overall performance, while adding a heuristic and adaptive approach to existing rule-based misuse detection systems.

More information

Item ID: 4109
DC Identifier: http://oa.upm.es/4109/
OAI Identifier: oai:oa.upm.es:4109
Official URL: http://www.webist.org/WEBIST2008/index.htm
Deposited by: Memoria Investigacion
Deposited on: 14 Sep 2010 11:38
Last Modified: 20 Apr 2016 13:27