{"title":"Empirical Evaluation of the Internet Analysis System for Application in the Field of Anomaly Detection","authors":"Harald Lampesberger","doi":"10.1109/EC2ND.2010.10","DOIUrl":null,"url":null,"abstract":"Anomaly detection in computer networks is an actively researched topic in the field of intrusion detection. The Internet Analysis System (IAS) is a software framework which provides passive probes and centralized backend services to collect purely statistical network data in distributed computer networks. This paper presents an empirical evaluation of the IAS data format for detecting anomalies, caused by attack traffic. This process involved the generation of labeled evaluation data based on the 1999 DARPA Intrusion Detection Evaluation data sets and two different supervised machine learning approaches for the assessment. The results of this evaluation conclude, that the IAS is not a convenient data source for advanced anomaly detection in the scope of our research.","PeriodicalId":375908,"journal":{"name":"2010 European Conference on Computer Network Defense","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2010-10-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2010 European Conference on Computer Network Defense","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/EC2ND.2010.10","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 1
Abstract
Anomaly detection in computer networks is an actively researched topic in the field of intrusion detection. The Internet Analysis System (IAS) is a software framework which provides passive probes and centralized backend services to collect purely statistical network data in distributed computer networks. This paper presents an empirical evaluation of the IAS data format for detecting anomalies, caused by attack traffic. This process involved the generation of labeled evaluation data based on the 1999 DARPA Intrusion Detection Evaluation data sets and two different supervised machine learning approaches for the assessment. The results of this evaluation conclude, that the IAS is not a convenient data source for advanced anomaly detection in the scope of our research.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
