Inefficiency of IDS Static Anomaly Detectors in Real-World Networks
AbstractA wide range of IDS implementations with anomaly detection modules have been deployed. In general, those modules depend on intrusion knowledge databases, such as Knowledge Discovery Dataset (KDD99), Center for Applied Internet Data Analysis (CAIDA) or Community Resource for Archiving Wireless Data at Dartmouth (CRAWDAD), among others. Once the database is analyzed and a machine learning method is employed to generate detectors, some classes of new detectors are created. Thereafter, detectors are supposed to be deployed in real network environments in order to achieve detection with good results for false positives and detection rates. Since the traffic behavior is quite different according to the user’s network activities over available services, restrictions and applications, it is supposed that behavioral-based detectors are not well suited to all kind of networks. This paper presents the differences of detection results between some network scenarios by applying traditional detectors that were calculated with artificial neural networks. The same detector is deployed in different scenarios to measure the efficiency or inefficiency of static training detectors. View Full-Text
Scifeed alert for new publicationsNever miss any articles matching your research from any publisher
- Get alerts for new papers matching your research
- Find out the new papers from selected authors
- Updated daily for 49'000+ journals and 6000+ publishers
- Define your Scifeed now
Guillen, E.; Sánchez, J.; Paez, R. Inefficiency of IDS Static Anomaly Detectors in Real-World Networks. Future Internet 2015, 7, 94-109.
Guillen E, Sánchez J, Paez R. Inefficiency of IDS Static Anomaly Detectors in Real-World Networks. Future Internet. 2015; 7(2):94-109.Chicago/Turabian Style
Guillen, Edward; Sánchez, Jeisson; Paez, Rafael. 2015. "Inefficiency of IDS Static Anomaly Detectors in Real-World Networks." Future Internet 7, no. 2: 94-109.