Network Anomalies Detection Approach Based on Weighted Voting

IF 0.5 Q4 COMPUTER SCIENCE, SOFTWARE ENGINEERING International Journal of Information Security and Privacy Pub Date : 2022-01-01 DOI:10.4018/ijisp.2022010105
S. Sakulin, Alexander Alfimtsev, K. Kvitchenko, Leonid Dobkacz, Yuri Kalgin, Igor I. Lychkov
{"title":"Network Anomalies Detection Approach Based on Weighted Voting","authors":"S. Sakulin, Alexander Alfimtsev, K. Kvitchenko, Leonid Dobkacz, Yuri Kalgin, Igor I. Lychkov","doi":"10.4018/ijisp.2022010105","DOIUrl":null,"url":null,"abstract":"To avoid information systems malfunction, their integrity disruption, availability violation as well as data confidentiality, it is necessary to detect anomalies in information system operation as quickly as possible. The anomalies are usually caused by malicious activity – information systems attacks. However, the current approaches to detect anomalies in information systems functioning have never been perfect. In particular, statistical and signature-based techniques do not allow detection of anomalies based on modifications of well-known attacks, dynamic approaches based on machine learning techniques result in false responses and frequent anomaly miss-outs. Therefore, various hybrid solutions are being frequently offered on the basis of those two approaches. The paper suggests a hybrid approach to detect anomalies by combining computationally efficient classifiers of machine learning with accuracy increase due to weighted voting. Pilot evaluation of the developed approach proved its feasibility for anomaly detection systems.","PeriodicalId":44332,"journal":{"name":"International Journal of Information Security and Privacy","volume":"16 1","pages":"1-17"},"PeriodicalIF":0.5000,"publicationDate":"2022-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Information Security and Privacy","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.4018/ijisp.2022010105","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"COMPUTER SCIENCE, SOFTWARE ENGINEERING","Score":null,"Total":0}
引用次数: 3

Abstract

To avoid information systems malfunction, their integrity disruption, availability violation as well as data confidentiality, it is necessary to detect anomalies in information system operation as quickly as possible. The anomalies are usually caused by malicious activity – information systems attacks. However, the current approaches to detect anomalies in information systems functioning have never been perfect. In particular, statistical and signature-based techniques do not allow detection of anomalies based on modifications of well-known attacks, dynamic approaches based on machine learning techniques result in false responses and frequent anomaly miss-outs. Therefore, various hybrid solutions are being frequently offered on the basis of those two approaches. The paper suggests a hybrid approach to detect anomalies by combining computationally efficient classifiers of machine learning with accuracy increase due to weighted voting. Pilot evaluation of the developed approach proved its feasibility for anomaly detection systems.
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
基于加权投票的网络异常检测方法
为了避免信息系统的故障、完整性破坏、可用性侵犯和数据保密性,需要尽快发现信息系统运行中的异常。异常通常是由恶意活动——信息系统攻击——引起的。然而,目前检测信息系统功能异常的方法从来都不是完美的。特别是,基于统计和签名的技术不允许基于已知攻击的修改来检测异常,基于机器学习技术的动态方法导致错误的响应和频繁的异常遗漏。因此,在这两种方法的基础上,经常提供各种混合解决方案。本文提出了一种混合方法,通过将计算效率高的机器学习分类器与加权投票的准确性提高相结合来检测异常。对该方法的中试评价证明了其在异常检测系统中的可行性。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
International Journal of Information Security and Privacy
International Journal of Information Security and Privacy COMPUTER SCIENCE, SOFTWARE ENGINEERING-
CiteScore
2.50
自引率
0.00%
发文量
73
期刊介绍: As information technology and the Internet become more and more ubiquitous and pervasive in our daily lives, there is an essential need for a more thorough understanding of information security and privacy issues and concerns. The International Journal of Information Security and Privacy (IJISP) creates and fosters a forum where research in the theory and practice of information security and privacy is advanced. IJISP publishes high quality papers dealing with a wide range of issues, ranging from technical, legal, regulatory, organizational, managerial, cultural, ethical and human aspects of information security and privacy, through a balanced mix of theoretical and empirical research articles, case studies, book reviews, tutorials, and editorials. This journal encourages submission of manuscripts that present research frameworks, methods, methodologies, theory development and validation, case studies, simulation results and analysis, technological architectures, infrastructure issues in design, and implementation and maintenance of secure and privacy preserving initiatives.
期刊最新文献
Adaptive Personalized Randomized Response Method Based on Local Differential Privacy A Novel CNN-LSTM Fusion-Based Intrusion Detection Method for Industrial Internet A System Dynamics Approach to Evaluate Advanced Persistent Threat Vectors Trust and Voice Biometrics Authentication for Internet of Things “Every Dog Has His Day”
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1