Open Access Article
Future Internet 2015, 7(2), 94-109; doi:10.3390/fi7020094

Inefficiency of IDS Static Anomaly Detectors in Real-World Networks

1 Telecommunication Engineering Department, Nueva Granada Military University, Bogotá 110911, Colombia
2 Engineering Systems Department, Xaverian University, Bogotá 110911, Colombia
* Author to whom correspondence should be addressed.
Academic Editor: Steven Furnell
Received: 14 November 2014 / Revised: 25 March 2015 / Accepted: 31 March 2015 / Published: 6 May 2015
(This article belongs to the Special Issue Internet Security)

Abstract

A wide range of IDS implementations with anomaly detection modules have been deployed. In general, those modules depend on intrusion knowledge databases, such as Knowledge Discovery Dataset (KDD99), Center for Applied Internet Data Analysis (CAIDA) or Community Resource for Archiving Wireless Data at Dartmouth (CRAWDAD), among others. Once the database is analyzed and a machine learning method is employed to generate detectors, some classes of new detectors are created. Thereafter, detectors are supposed to be deployed in real network environments in order to achieve detection with good results for false positives and detection rates. Since traffic behavior differs considerably according to the user's network activities over available services, restrictions and applications, it is supposed that behavioral-based detectors are not well suited to all kinds of networks. This paper presents the differences in detection results between some network scenarios by applying traditional detectors that were calculated with artificial neural networks. The same detector is deployed in different scenarios to measure the efficiency or inefficiency of static training detectors.
Keywords: NIDS; knowledge database; artificial neural networks; anomaly detection; information security; intelligent detection
This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited. (CC BY 4.0).


MDPI and ACS Style

Guillen, E.; Sánchez, J.; Paez, R. Inefficiency of IDS Static Anomaly Detectors in Real-World Networks. Future Internet 2015, 7, 94-109.

Future Internet, EISSN 1999-5903, published by MDPI AG, Basel, Switzerland