Detection. Perspective. Network Anomaly. Bhattacharyya. Jugal. A Machine Learning »C) Dhruba Kumar. Kumar KaKta. CRC Press J Taylor & Francis Croup

Size: px
Start display at page:

Download "Detection. Perspective. Network Anomaly. Bhattacharyya. Jugal. A Machine Learning »C) Dhruba Kumar. Kumar KaKta. CRC Press J Taylor & Francis Croup"

Transcription

1 Network Anomaly Detection A Machine Learning Perspective Dhruba Kumar Bhattacharyya Jugal Kumar KaKta»C) CRC Press J Taylor & Francis Croup Boca Raton London New York CRC Press is an imprint of the Taylor & Francis Croup, an Informs business A CHAPMAN & HALL BOOK

2 Contents List of Figures xv List of Tables xvii Preface xix Acknowledgments xxi Abstract xxiii Authors xxv 1 Introduction 1 11 The Internet and Modern Networks 3 12 Network Vulnerabilities 4 13 Anomalies and Anomalies in Networks 5 14 Machine Learning 7 15 Prior Work on Network Anomaly Detection 9 16 Contributions of This Book Organization 13 2 Networks and Anomalies Networking Basics Typical View of a Network Communication Media Guided Media Unguided Media Network Software Layered Architecture Connection-Oriented and Connection less Services Service Primitives Services and Protocols 22 vii

3 viii Contents 21A Reference Models The ISO OSI Reference Model TCP/IP Reference Model Protocols Transport Control Protocol User Datagram Protocol Internet Protocol (IP) SMTP SNMP ICMP FTP Telnet Types of Networks Local Area Networks (LAN) Wide Area Networks (WAN) Metropolitan Area Network (MAN) Wireless Networks Internetworks The Internet Scales of Networks Network Topologies Bus Ring Tree Star Hardware Components Network Communication Devices Network Interface Card (NIC) Transceivers Media Converter Network Performance Network Performance Constraints Network Performance Parameter Tun ing Performance Oriented System Design Protocols for Gigabit Networks Faster Processing of TPDU Anomalies in a Network Network Vulnerabilities 46

4 Contents ix Network Configuration Vulnerabilities 2212 Network Hardware Vulnerabilities 2213 Network Perimeter Vulnerabilities 2214 Network Monitoring and Logging Vul nerabilities Communication Vulnerabilities Wireless Connection Vulnerabilities Security-Related Network Anomalies Who Attacks Networks Precursors to an Attack Network Attacks Taxonomy Denial of Service (DoS) User to Root Attacks (U2R) Remote to Local (R2L) Probe Discussion 55 3 An Overview of Machine Learning Methods Introduction Types of Machine Learning Methods Supervised Learning: Some Popular Methods Decision and Regression Trees Classification and Regression Tree Support Vector Machines Unsupervised Learning Cluster Analysis Various Types of Data Proximity Measures Clustering Methods Discussion Outlier Mining Association Rule Learning Basic Concepts Frequent Itemset Mining Algorithms Rule Generation Algorithms Discussion Probabilistic Learning Learning Bayes Nets Simple Probabilistic Learning: Naive Bayes Hidden Markov Models 108

5 X Contents 354 Expectation Maximization Algorithm Soft Computing Artificial Neural Networks Rough Sets Fuzzy Logic Evolutionary Computation Ant Colony Optimization Reinforcement Learning Hybrid Learning Methods Discussion Detecting Anomalies in Network Data Detection of Network Anomalies Host-Based IDS (HIDS) Network-Based IDS (NIDS) Anomaly-Based Network Intrusion Detection Supervised Anomaly Detection Approach Issues Unsupervised Anomaly Detection Approach Issues Hybrid Detection Approach Issues Aspects of Network Anomaly Detection Proximity Measure and Types of Data Relevant Feature Identification Anomaly Score Datasets Public Datasets KDD Cup 1999 Dataset NSL-KDD Dataset Private Datasets: Collection and Preparation TUIDS Intrusion Dataset Network Simulation Discussion Feature Selection Feature Selection vs Feature Extraction Feature Relevance Advantages Applications of Feature Selection 160

6 Contents xi 541 Bioinformatics Network Security Text Categorization Biometrics Content-Based Image Retrieval Prior Surveys on Feature Selection A Comparison with Prior Surveys Problem Formulation Steps in Feature Selection Subset Generation Random Subset Generation Heuristic Subset Generation Complete Subset Generation Feature Subset Evaluation Dependent Criteria Independent Criteria Goodness Criteria Result Validation External Validation Internal Validation Feature Selection Methods: A Taxonomy Existing Methods of Feature Selection Statistical Feature Selection Information Theoretic Feature Selection Soft Computing Methods Clustering and Association Mining Approach Ensemble Approach Subset Evaluation Measures Inconsistency Rate Relevance Symmetric Uncertainty Dependency Fuzzy Entropy Hamming Loss Ranking Loss Systems and Tools for Feature Selection Discussion 189

7 xii Contents 6 Approaches to Network Anomaly Detection Network Anomaly Detection Methods Requirements Types of Network Anomaly Detection Methods Anomaly Detection Using Supervised Learning Parametric Methods Nonparametric Methods Anomaly Detection Using Unsupervised Learning 641 Clustering-Based Anomaly Detection Methods 642 Anomaly Detection Using the Outlier Mining 643 Anomaly Detection Using Association Mining 65 Anomaly Detection Using Probabilistic Learning Methods Using the Hidden Markov Model Methods Using Bayesian Networks Naive Bayes Methods Gaussian Mixture Model Methods Using the EM Algorithm Anomaly Detection Using Soft Computing Genetic Algorithm Approaches Artificial Neural Network Approaches Fuzzy Set Theoretic Approach Rough Set Approaches Ant Colony and AIS Approaches Knowledge in Anomaly Detection Expert System and Rule-Based Approaches Ontology- and Logic-Based Approaches Anomaly Detection Using Combination Learners 681 Ensemble Methods Fusion Methods Hybrid Methods Discussion Evaluation Methods Accuracy Sensitivity and Specificity Misclassification Rate Confusion Matrix Precision, Recall and F-measure Receiver Operating Characteristics Curves Performance 241

8 Contents xiii 73 Completeness Timeliness Stability Interoperability Data Quality, Validity and Reliability Alert Information Unknown Attacks Detection Updating References Discussion Tools and Systems Introduction Attacker's Motivation Steps in Attack Launching Launching and Detecting Attacks Attack Launching Tools and Systems 8132 Attack Detecting Tools and Systems 82 Attack Related Tools Taxonomy Information Gathering Tools Sniffing Tools Network Mapping or Scanning Tools Attack Launching Tools Trojans Denial of Service Attacks Packet Forging Attack Tools Application Layer Attack Tools Fingerprinting Attack Tools User Attack Tools Other Attack Tools Network Monitoring Tools Visualization Tools Attack Detection Systems Discussion Open Issues, Challenges and Concluding Remarks Runtime Limitations for Anomaly Detection Systems Reducing the False Alarm Rate Issues in Dimensionality Reduction Computational Needs of Network Defense Mechanisms 291

9 xiv Contents 95 Designing Generic Anomaly Detection Systems Handling Sophisticated Anomalies Adaptability to Unknown Attacks Detecting and Handling Large-Scale Attacks Infrastructure Attacks High Intensity Attacks More Inventive Attacks Concluding Remarks 293 References 295 Index 337

Mining. Practical. Data. Monte F. Hancock, Jr. Chief Scientist, Celestech, Inc. CRC Press. Taylor & Francis Group

Mining. Practical. Data. Monte F. Hancock, Jr. Chief Scientist, Celestech, Inc. CRC Press. Taylor & Francis Group Practical Data Mining Monte F. Hancock, Jr. Chief Scientist, Celestech, Inc. CRC Press Taylor & Francis Group Boca Raton London New York CRC Press is an imprint of the Taylor Ei Francis Group, an Informs

More information

Network Intrusion Detection and Prevention

Network Intrusion Detection and Prevention Ali A. Ghorbani Wei Lu Mahbod Tavallaee Network Intrusion Detection and Prevention Concepts and Techniques )Spri inger Contents 1 Network Attacks 1 1.1 Attack Taxonomies 2 1.2 Probes 4 1.2.1 IPSweep and

More information

Conclusions and Future Directions

Conclusions and Future Directions Chapter 9 This chapter summarizes the thesis with discussion of (a) the findings and the contributions to the state-of-the-art in the disciplines covered by this work, and (b) future work, those directions

More information

Advances in Network Management

Advances in Network Management Advances in Network Management Jianguo Ding UC) CRC Press >5^ J Taylor & Francis Croup ^""""^ Boca Raton London New York CRC Press is an imprint of the Taylor & Francis Group, an informa business AN AUERBACH

More information

Network Anomaly. Detection. A Machine Learning Perspective

Network Anomaly. Detection. A Machine Learning Perspective Network Anomaly Detection A Machine Learning Perspective This page intentionally left blank Network Anomaly Detection A Machine Learning Perspective Dhruba Kumar Bhattacharyya Jugal Kumar Kalita MATLAB

More information

Customer and Business Analytic

Customer and Business Analytic Customer and Business Analytic Applied Data Mining for Business Decision Making Using R Daniel S. Putler Robert E. Krider CRC Press Taylor &. Francis Group Boca Raton London New York CRC Press is an imprint

More information

A Review of Anomaly Detection Techniques in Network Intrusion Detection System

A Review of Anomaly Detection Techniques in Network Intrusion Detection System A Review of Anomaly Detection Techniques in Network Intrusion Detection System Dr.D.V.S.S.Subrahmanyam Professor, Dept. of CSE, Sreyas Institute of Engineering & Technology, Hyderabad, India ABSTRACT:In

More information

Networking. Systems Design and. Development. CRC Press. Taylor & Francis Croup. Boca Raton London New York. CRC Press is an imprint of the

Networking. Systems Design and. Development. CRC Press. Taylor & Francis Croup. Boca Raton London New York. CRC Press is an imprint of the Networking Systems Design and Development Lee Chao CRC Press Taylor & Francis Croup Boca Raton London New York CRC Press is an imprint of the Taylor & Francis Croup, an Informa business AN AUERBACH BOOK

More information

Intrusion Detection. Jeffrey J.P. Tsai. Imperial College Press. A Machine Learning Approach. Zhenwei Yu. University of Illinois, Chicago, USA

Intrusion Detection. Jeffrey J.P. Tsai. Imperial College Press. A Machine Learning Approach. Zhenwei Yu. University of Illinois, Chicago, USA SERIES IN ELECTRICAL AND COMPUTER ENGINEERING Intrusion Detection A Machine Learning Approach Zhenwei Yu University of Illinois, Chicago, USA Jeffrey J.P. Tsai Asia University, University of Illinois,

More information

Implementation of Intelligent Techniques for Intrusion Detection Systems

Implementation of Intelligent Techniques for Intrusion Detection Systems Ain Shams University Faculty of Computer & Information Sciences Implementation of Intelligent Techniques for Intrusion Detection Systems A Thesis Submitted to Department of Computer Science In partial

More information

International Journal of Computer Science Trends and Technology (IJCST) Volume 2 Issue 3, May-Jun 2014

International Journal of Computer Science Trends and Technology (IJCST) Volume 2 Issue 3, May-Jun 2014 RESEARCH ARTICLE OPEN ACCESS A Survey of Data Mining: Concepts with Applications and its Future Scope Dr. Zubair Khan 1, Ashish Kumar 2, Sunny Kumar 3 M.Tech Research Scholar 2. Department of Computer

More information

01219211 Software Development Training Camp 1 (0-3) Prerequisite : 01204214 Program development skill enhancement camp, at least 48 person-hours.

01219211 Software Development Training Camp 1 (0-3) Prerequisite : 01204214 Program development skill enhancement camp, at least 48 person-hours. (International Program) 01219141 Object-Oriented Modeling and Programming 3 (3-0) Object concepts, object-oriented design and analysis, object-oriented analysis relating to developing conceptual models

More information

Joseph Migga Kizza. A Guide to Computer Network Security. 4) Springer

Joseph Migga Kizza. A Guide to Computer Network Security. 4) Springer Joseph Migga Kizza A Guide to Computer Network Security 4) Springer Contents Part I Understanding Computer Network Security 1 Computer Network Fundamentals 1.1 Introduction 1.2 Computer Network Models

More information

life science data mining

life science data mining life science data mining - '.)'-. < } ti» (>.:>,u» c ~'editors Stephen Wong Harvard Medical School, USA Chung-Sheng Li /BM Thomas J Watson Research Center World Scientific NEW JERSEY LONDON SINGAPORE.

More information

Data Mining for Network Intrusion Detection

Data Mining for Network Intrusion Detection Data Mining for Network Intrusion Detection S Terry Brugger UC Davis Department of Computer Science Data Mining for Network Intrusion Detection p.1/55 Overview This is important for defense in depth Much

More information

A Survey on Intrusion Detection System with Data Mining Techniques

A Survey on Intrusion Detection System with Data Mining Techniques A Survey on Intrusion Detection System with Data Mining Techniques Ms. Ruth D 1, Mrs. Lovelin Ponn Felciah M 2 1 M.Phil Scholar, Department of Computer Science, Bishop Heber College (Autonomous), Trichirappalli,

More information

Networking. Cloud and Virtual. Data Storage. Greg Schulz. Your journey. effective information services. to efficient and.

Networking. Cloud and Virtual. Data Storage. Greg Schulz. Your journey. effective information services. to efficient and. Cloud and Virtual Data Storage Networking Your journey to efficient and effective information services Greg Schulz CRC Press Taylor & Francis Group Boca Raton London New York CRC Press is an imprint of

More information

Network System Design Lesson Objectives

Network System Design Lesson Objectives Network System Design Lesson Unit 1: INTRODUCTION TO NETWORK DESIGN Assignment Customer Needs and Goals Identify the purpose and parts of a good customer needs report. Gather information to identify network

More information

A survey on Data Mining based Intrusion Detection Systems

A survey on Data Mining based Intrusion Detection Systems International Journal of Computer Networks and Communications Security VOL. 2, NO. 12, DECEMBER 2014, 485 490 Available online at: www.ijcncs.org ISSN 2308-9830 A survey on Data Mining based Intrusion

More information

NETWORK INTRUSION DETECTION SYSTEM USING HYBRID CLASSIFICATION MODEL

NETWORK INTRUSION DETECTION SYSTEM USING HYBRID CLASSIFICATION MODEL NETWORK INTRUSION DETECTION SYSTEM USING HYBRID CLASSIFICATION MODEL Prof. Santosh T. Waghmode 1, Prof. Vinod S. Wadne 2 Department of Computer Engineering, 1, 2 JSPM s Imperial College of Engineering

More information

Role of Anomaly IDS in Network

Role of Anomaly IDS in Network Role of Anomaly IDS in Network SumathyMurugan 1, Dr.M.Sundara Rajan 2 1 Asst. Prof, Department of Computer Science, Thiruthangal Nadar College, Chennai -51. 2 Asst. Prof, Department of Computer Science,

More information

SECOND EDITION THE SECURITY RISK ASSESSMENT HANDBOOK. A Complete Guide for Performing Security Risk Assessments DOUGLAS J. LANDOLL

SECOND EDITION THE SECURITY RISK ASSESSMENT HANDBOOK. A Complete Guide for Performing Security Risk Assessments DOUGLAS J. LANDOLL SECOND EDITION THE SECURITY RISK ASSESSMENT HANDBOOK A Complete Guide for Performing Security Risk Assessments DOUGLAS J. LANDOLL CRC Press Taylor & Francis Group Boca Raton London New York CRC Press is

More information

Contents. Dedication List of Figures List of Tables. Acknowledgments

Contents. Dedication List of Figures List of Tables. Acknowledgments Contents Dedication List of Figures List of Tables Foreword Preface Acknowledgments v xiii xvii xix xxi xxv Part I Concepts and Techniques 1. INTRODUCTION 3 1 The Quest for Knowledge 3 2 Problem Description

More information

Hybrid Model For Intrusion Detection System Chapke Prajkta P., Raut A. B.

Hybrid Model For Intrusion Detection System Chapke Prajkta P., Raut A. B. www.ijecs.in International Journal Of Engineering And Computer Science ISSN:2319-7242 Volume1 Issue 3 Dec 2012 Page No. 151-155 Hybrid Model For Intrusion Detection System Chapke Prajkta P., Raut A. B.

More information

Computer Networks Vs. Distributed Systems

Computer Networks Vs. Distributed Systems Computer Networks Vs. Distributed Systems Computer Networks: A computer network is an interconnected collection of autonomous computers able to exchange information. A computer network usually require

More information

STUDY OF IMPLEMENTATION OF INTRUSION DETECTION SYSTEM (IDS) VIA DIFFERENT APPROACHS

STUDY OF IMPLEMENTATION OF INTRUSION DETECTION SYSTEM (IDS) VIA DIFFERENT APPROACHS STUDY OF IMPLEMENTATION OF INTRUSION DETECTION SYSTEM (IDS) VIA DIFFERENT APPROACHS SACHIN MALVIYA Student, Department of Information Technology, Medicaps Institute of Science & Technology, INDORE (M.P.)

More information

Data Mining: Concepts and Techniques. Jiawei Han. Micheline Kamber. Simon Fräser University К MORGAN KAUFMANN PUBLISHERS. AN IMPRINT OF Elsevier

Data Mining: Concepts and Techniques. Jiawei Han. Micheline Kamber. Simon Fräser University К MORGAN KAUFMANN PUBLISHERS. AN IMPRINT OF Elsevier Data Mining: Concepts and Techniques Jiawei Han Micheline Kamber Simon Fräser University К MORGAN KAUFMANN PUBLISHERS AN IMPRINT OF Elsevier Contents Foreword Preface xix vii Chapter I Introduction I I.

More information

CS 2750 Machine Learning. Lecture 1. Machine Learning. http://www.cs.pitt.edu/~milos/courses/cs2750/ CS 2750 Machine Learning.

CS 2750 Machine Learning. Lecture 1. Machine Learning. http://www.cs.pitt.edu/~milos/courses/cs2750/ CS 2750 Machine Learning. Lecture Machine Learning Milos Hauskrecht milos@cs.pitt.edu 539 Sennott Square, x5 http://www.cs.pitt.edu/~milos/courses/cs75/ Administration Instructor: Milos Hauskrecht milos@cs.pitt.edu 539 Sennott

More information

DATA MINING IN FINANCE

DATA MINING IN FINANCE DATA MINING IN FINANCE Advances in Relational and Hybrid Methods by BORIS KOVALERCHUK Central Washington University, USA and EVGENII VITYAEV Institute of Mathematics Russian Academy of Sciences, Russia

More information

Security, and Intelligence

Security, and Intelligence Machine Learning Forensics for Law Enforcement, Security, and Intelligence Jesus Mena CRC Press Taylor &. Francis Group Boca Raton London NewYork CRC Press is an imprint of the Taylor & Francis Croup,

More information

CHAPMAN & HALL/CRC INNOVATIONS IN SOFTWARE ENGINEERING AND SOFTWARE DEVELOPMENT. Software Test Attacks to Break Mobile and Embedded Devices

CHAPMAN & HALL/CRC INNOVATIONS IN SOFTWARE ENGINEERING AND SOFTWARE DEVELOPMENT. Software Test Attacks to Break Mobile and Embedded Devices CHAPMAN & HALL/CRC INNOVATIONS IN SOFTWARE ENGINEERING AND SOFTWARE DEVELOPMENT Software Test Attacks to Break Mobile and Embedded Devices Jon Duncan Hagar (g) CRC Press Taylor & Francis Group Boca Raton

More information

Client Server Computing

Client Server Computing Client Server Computing Architecture, Applications and Distribution System Devendra Kumar GLOBAL VISION PUBLISHING HOUSE 20, Ansari Road, Daryaganj, New Delhi-110002 (INDIA) Contents Acknowledgement (vii)

More information

Practical Applications of DATA MINING. Sang C Suh Texas A&M University Commerce JONES & BARTLETT LEARNING

Practical Applications of DATA MINING. Sang C Suh Texas A&M University Commerce JONES & BARTLETT LEARNING Practical Applications of DATA MINING Sang C Suh Texas A&M University Commerce r 3 JONES & BARTLETT LEARNING Contents Preface xi Foreword by Murat M.Tanik xvii Foreword by John Kocur xix Chapter 1 Introduction

More information

A new Approach for Intrusion Detection in Computer Networks Using Data Mining Technique

A new Approach for Intrusion Detection in Computer Networks Using Data Mining Technique A new Approach for Intrusion Detection in Computer Networks Using Data Mining Technique Aida Parbaleh 1, Dr. Heirsh Soltanpanah 2* 1 Department of Computer Engineering, Islamic Azad University, Sanandaj

More information

Build Your Own Security Lab

Build Your Own Security Lab Build Your Own Security Lab A Field Guide for Network Testing Michael Gregg WILEY Wiley Publishing, Inc. Contents Acknowledgments Introduction XXI xxiii Chapter 1 Hardware and Gear Why Build a Lab? Hackers

More information

Principles of Data Mining by Hand&Mannila&Smyth

Principles of Data Mining by Hand&Mannila&Smyth Principles of Data Mining by Hand&Mannila&Smyth Slides for Textbook Ari Visa,, Institute of Signal Processing Tampere University of Technology October 4, 2010 Data Mining: Concepts and Techniques 1 Differences

More information

The Integration of SNORT with K-Means Clustering Algorithm to Detect New Attack

The Integration of SNORT with K-Means Clustering Algorithm to Detect New Attack The Integration of SNORT with K-Means Clustering Algorithm to Detect New Attack Asnita Hashim, University of Technology MARA, Malaysia April 14-15, 2011 The Integration of SNORT with K-Means Clustering

More information

Cloud Computing. and Scheduling. Data-Intensive Computing. Frederic Magoules, Jie Pan, and Fei Teng SILKQH. CRC Press. Taylor & Francis Group

Cloud Computing. and Scheduling. Data-Intensive Computing. Frederic Magoules, Jie Pan, and Fei Teng SILKQH. CRC Press. Taylor & Francis Group Cloud Computing Data-Intensive Computing and Scheduling Frederic Magoules, Jie Pan, and Fei Teng SILKQH CRC Press Taylor & Francis Group Boca Raton London New York CRC Press is an imprint of the Taylor

More information

Module II. Internet Security. Chapter 7. Intrusion Detection. Web Security: Theory & Applications. School of Software, Sun Yat-sen University

Module II. Internet Security. Chapter 7. Intrusion Detection. Web Security: Theory & Applications. School of Software, Sun Yat-sen University Module II. Internet Security Chapter 7 Intrusion Detection Web Security: Theory & Applications School of Software, Sun Yat-sen University Outline 7.1 Threats to Computer System 7.2 Process of Intrusions

More information

CLASSIFYING NETWORK TRAFFIC IN THE BIG DATA ERA

CLASSIFYING NETWORK TRAFFIC IN THE BIG DATA ERA CLASSIFYING NETWORK TRAFFIC IN THE BIG DATA ERA Professor Yang Xiang Network Security and Computing Laboratory (NSCLab) School of Information Technology Deakin University, Melbourne, Australia http://anss.org.au/nsclab

More information

Classification Algorithms in Intrusion Detection System: A Survey

Classification Algorithms in Intrusion Detection System: A Survey Classification Algorithms in Intrusion Detection System: A Survey V. Jaiganesh 1 Dr. P. Sumathi 2 A.Vinitha 3 1 Doctoral Research Scholar, Department of Computer Science, Manonmaniam Sundaranar University,

More information

Testing Of Network Intrusion Detection System

Testing Of Network Intrusion Detection System Testing Of Network Intrusion Detection System B.S.Chaitanya Vamsee Pavan KL University,Vijayawada Andhara Pradesh,India bscvpavan369@gmail.com M.Nalini Sri KL University,Vijayawada Andhara Pradesh,India

More information

Introduction to Data Mining and Machine Learning Techniques. Iza Moise, Evangelos Pournaras, Dirk Helbing

Introduction to Data Mining and Machine Learning Techniques. Iza Moise, Evangelos Pournaras, Dirk Helbing Introduction to Data Mining and Machine Learning Techniques Iza Moise, Evangelos Pournaras, Dirk Helbing Iza Moise, Evangelos Pournaras, Dirk Helbing 1 Overview Main principles of data mining Definition

More information

Hybrid Intrusion Detection System Model using Clustering, Classification and Decision Table

Hybrid Intrusion Detection System Model using Clustering, Classification and Decision Table IOSR Journal of Computer Engineering (IOSR-JCE) e-issn: 2278-0661, p- ISSN: 2278-8727Volume 9, Issue 4 (Mar. - Apr. 2013), PP 103-107 Hybrid Intrusion Detection System Model using Clustering, Classification

More information

Integration Misuse and Anomaly Detection Techniques on Distributed Sensors

Integration Misuse and Anomaly Detection Techniques on Distributed Sensors Integration Misuse and Anomaly Detection Techniques on Distributed Sensors Shih-Yi Tu Chung-Huang Yang Kouichi Sakurai Graduate Institute of Information and Computer Education, National Kaohsiung Normal

More information

An Anomaly-Based Method for DDoS Attacks Detection using RBF Neural Networks

An Anomaly-Based Method for DDoS Attacks Detection using RBF Neural Networks 2011 International Conference on Network and Electronics Engineering IPCSIT vol.11 (2011) (2011) IACSIT Press, Singapore An Anomaly-Based Method for DDoS Attacks Detection using RBF Neural Networks Reyhaneh

More information

Hybrid Intrusion Detection System Using K-Means Algorithm

Hybrid Intrusion Detection System Using K-Means Algorithm International Journal of Computer Sciences and Engineering Open Access Review Paper Volume-4, Issue-3 E-ISSN: 2347-2693 Hybrid Intrusion Detection System Using K-Means Algorithm Darshan K. Dagly 1*, Rohan

More information

INTRUSION DETECTION SYSTEMS and Network Security

INTRUSION DETECTION SYSTEMS and Network Security INTRUSION DETECTION SYSTEMS and Network Security Intrusion Detection System IDS A layered network security approach starts with : A well secured system which starts with: Up-to-date application and OS

More information

CREATING A THIRD EDITION DAVID MANN

CREATING A THIRD EDITION DAVID MANN CREATING A LEAN CULTURE Tools to Sustain Lean Conversions THIRD EDITION DAVID MANN CRC Press Taylor & Francis Croup Boca Raton London New York CRC Press is an imprint of the Taylor St Francis Group, an

More information

ELEC3030 Computer Networks

ELEC3030 Computer Networks ELEC3030 Computer Networks Professor Sheng Chen: Building 86, Room 1021 E-mail: sqc@ecs.soton.ac.uk Download lecture slides from: http://www.ecs.soton.ac.uk/ sqc/el336/ or get them from Course Office (ECS

More information

Introduction of Intrusion Detection Systems

Introduction of Intrusion Detection Systems Introduction of Intrusion Detection Systems Why IDS? Inspects all inbound and outbound network activity and identifies a network or system attack from someone attempting to compromise a system. Detection:

More information

Performance Evaluation of Intrusion Detection Systems

Performance Evaluation of Intrusion Detection Systems Performance Evaluation of Intrusion Detection Systems Waleed Farag & Sanwar Ali Department of Computer Science at Indiana University of Pennsylvania ABIT 2006 Outline Introduction: Intrusion Detection

More information

Network Based Intrusion Detection Using Honey pot Deception

Network Based Intrusion Detection Using Honey pot Deception Network Based Intrusion Detection Using Honey pot Deception Dr.K.V.Kulhalli, S.R.Khot Department of Electronics and Communication Engineering D.Y.Patil College of Engg.& technology, Kolhapur,Maharashtra,India.

More information

Quality Management. Theory and Application PETER D. MAUCH. Ltfi) CRC Press. \ V J Taylor & Francis Group. ^ ^ Boca Raton London New York

Quality Management. Theory and Application PETER D. MAUCH. Ltfi) CRC Press. \ V J Taylor & Francis Group. ^ ^ Boca Raton London New York Quality Management Theory and Application PETER D. MAUCH Ltfi) CRC Press \ V J Taylor & Francis Group ^ ^ Boca Raton London New York CRC Press is an imprint of the Taylor & Francis Group, an Informa business

More information

Intrusion Detection System for Cloud Network Using FC-ANN Algorithm

Intrusion Detection System for Cloud Network Using FC-ANN Algorithm Intrusion Detection System for Cloud Network Using FC-ANN Algorithm Swati Ramteke 1, Rajesh Dongare 2, Komal Ramteke 3 Student, Department of Information Technology, VIIT, Pune, India 1 Student, Department

More information

AUTO CLAIM FRAUD DETECTION USING MULTI CLASSIFIER SYSTEM

AUTO CLAIM FRAUD DETECTION USING MULTI CLASSIFIER SYSTEM AUTO CLAIM FRAUD DETECTION USING MULTI CLASSIFIER SYSTEM ABSTRACT Luis Alexandre Rodrigues and Nizam Omar Department of Electrical Engineering, Mackenzie Presbiterian University, Brazil, São Paulo 71251911@mackenzie.br,nizam.omar@mackenzie.br

More information

Intrusion Detection using Artificial Neural Networks with Best Set of Features

Intrusion Detection using Artificial Neural Networks with Best Set of Features 728 The International Arab Journal of Information Technology, Vol. 12, No. 6A, 2015 Intrusion Detection using Artificial Neural Networks with Best Set of Features Kaliappan Jayakumar 1, Thiagarajan Revathi

More information

Development of a Network Intrusion Detection System

Development of a Network Intrusion Detection System Development of a Network Intrusion Detection System (I): Agent-based Design (FLC1) (ii): Detection Algorithm (FLC2) Supervisor: Dr. Korris Chung Please visit my personal homepage www.comp.polyu.edu.hk/~cskchung/fyp04-05/

More information

OUTLIER ANALYSIS. Data Mining 1

OUTLIER ANALYSIS. Data Mining 1 OUTLIER ANALYSIS Data Mining 1 What Are Outliers? Outlier: A data object that deviates significantly from the normal objects as if it were generated by a different mechanism Ex.: Unusual credit card purchase,

More information

International Journal of Computer Science Trends and Technology (IJCST) Volume 3 Issue 3, May-June 2015

International Journal of Computer Science Trends and Technology (IJCST) Volume 3 Issue 3, May-June 2015 RESEARCH ARTICLE OPEN ACCESS Data Mining Technology for Efficient Network Security Management Ankit Naik [1], S.W. Ahmad [2] Student [1], Assistant Professor [2] Department of Computer Science and Engineering

More information

COPYRIGHTED MATERIAL. Contents. List of Figures. Acknowledgments

COPYRIGHTED MATERIAL. Contents. List of Figures. Acknowledgments Contents List of Figures Foreword Preface xxv xxiii xv Acknowledgments xxix Chapter 1 Fraud: Detection, Prevention, and Analytics! 1 Introduction 2 Fraud! 2 Fraud Detection and Prevention 10 Big Data for

More information

Doctor of Philosophy in Computer Science

Doctor of Philosophy in Computer Science Doctor of Philosophy in Computer Science Background/Rationale The program aims to develop computer scientists who are armed with methods, tools and techniques from both theoretical and systems aspects

More information

REPORT ON AUDIT OF LOCAL AREA NETWORK OF C-STAR LAB

REPORT ON AUDIT OF LOCAL AREA NETWORK OF C-STAR LAB REPORT ON AUDIT OF LOCAL AREA NETWORK OF C-STAR LAB Conducted: 29 th March 5 th April 2007 Prepared By: Pankaj Kohli (200607011) Chandan Kumar (200607003) Aamil Farooq (200505001) Network Audit Table of

More information

An analysis of suitable parameters for efficiently applying K-means clustering to large TCPdump data set using Hadoop framework

An analysis of suitable parameters for efficiently applying K-means clustering to large TCPdump data set using Hadoop framework An analysis of suitable parameters for efficiently applying K-means clustering to large TCPdump data set using Hadoop framework Jakrarin Therdphapiyanak Dept. of Computer Engineering Chulalongkorn University

More information

DATA ANALYTICS USING R

DATA ANALYTICS USING R DATA ANALYTICS USING R Duration: 90 Hours Intended audience and scope: The course is targeted at fresh engineers, practicing engineers and scientists who are interested in learning and understanding data

More information

Social Media Mining. Data Mining Essentials

Social Media Mining. Data Mining Essentials Introduction Data production rate has been increased dramatically (Big Data) and we are able store much more data than before E.g., purchase data, social media data, mobile phone data Businesses and customers

More information

Developing. and Securing. the Cloud. Bhavani Thuraisingham CRC. Press. Taylor & Francis Group. Taylor & Francis Croup, an Informs business

Developing. and Securing. the Cloud. Bhavani Thuraisingham CRC. Press. Taylor & Francis Group. Taylor & Francis Croup, an Informs business Developing and Securing the Cloud Bhavani Thuraisingham @ CRC Press Taylor & Francis Group Boca Raton London New York CRC Press is an imprint of the Taylor & Francis Croup, an Informs business AN AUERBACH

More information

International Journal of Innovative Research in Advanced Engineering (IJIRAE) ISSN: 2349-2163 Volume 1 Issue 11 (November 2014)

International Journal of Innovative Research in Advanced Engineering (IJIRAE) ISSN: 2349-2163 Volume 1 Issue 11 (November 2014) Denial-of-Service Attack Detection Mangesh D. Salunke * Prof. Ruhi Kabra G.H.Raisoni CEM, SPPU, Ahmednagar HOD, G.H.Raisoni CEM, SPPU,Ahmednagar Abstract: A DoS (Denial of Service) attack as name indicates

More information

Contents. vii. Preface. P ART I THE HONEYNET 1 Chapter 1 The Beginning 3. Chapter 2 Honeypots 17. xix

Contents. vii. Preface. P ART I THE HONEYNET 1 Chapter 1 The Beginning 3. Chapter 2 Honeypots 17. xix Honeynet2_bookTOC.fm Page vii Monday, May 3, 2004 12:00 PM Contents Preface Foreword xix xxvii P ART I THE HONEYNET 1 Chapter 1 The Beginning 3 The Honeynet Project 3 The Information Security Environment

More information

An Evaluation of Machine Learning Method for Intrusion Detection System Using LOF on Jubatus

An Evaluation of Machine Learning Method for Intrusion Detection System Using LOF on Jubatus An Evaluation of Machine Learning Method for Intrusion Detection System Using LOF on Jubatus Tadashi Ogino* Okinawa National College of Technology, Okinawa, Japan. * Corresponding author. Email: ogino@okinawa-ct.ac.jp

More information

Machine Learning and Data Analysis overview. Department of Cybernetics, Czech Technical University in Prague. http://ida.felk.cvut.

Machine Learning and Data Analysis overview. Department of Cybernetics, Czech Technical University in Prague. http://ida.felk.cvut. Machine Learning and Data Analysis overview Jiří Kléma Department of Cybernetics, Czech Technical University in Prague http://ida.felk.cvut.cz psyllabus Lecture Lecturer Content 1. J. Kléma Introduction,

More information

Introduction to Data Mining

Introduction to Data Mining Introduction to Data Mining 1 Why Data Mining? Explosive Growth of Data Data collection and data availability Automated data collection tools, Internet, smartphones, Major sources of abundant data Business:

More information

Data Mining Algorithms Part 1. Dejan Sarka

Data Mining Algorithms Part 1. Dejan Sarka Data Mining Algorithms Part 1 Dejan Sarka Join the conversation on Twitter: @DevWeek #DW2015 Instructor Bio Dejan Sarka (dsarka@solidq.com) 30 years of experience SQL Server MVP, MCT, 13 books 7+ courses

More information

CLASSIFICATION AND CLUSTERING. Anveshi Charuvaka

CLASSIFICATION AND CLUSTERING. Anveshi Charuvaka CLASSIFICATION AND CLUSTERING Anveshi Charuvaka Learning from Data Classification Regression Clustering Anomaly Detection Contrast Set Mining Classification: Definition Given a collection of records (training

More information

A Survey of Intrusion Detection System Using Different Data Mining Techniques

A Survey of Intrusion Detection System Using Different Data Mining Techniques A Survey of Intrusion Detection System Using Different Data Mining Techniques Trupti Phutane, Apashabi Pathan Dept. of Computer Engineering, G.H.Raisoni College of Engineering & Management, Wagholi, India

More information

inet Enterprise Features Fact Sheet

inet Enterprise Features Fact Sheet 2007 inet Enterprise Features Fact Sheet inetmon Sdn. Bhd. 1010 & 1011, Tingkat 10 Blok D, Dataran Usahawan Kelana,17, Jalan SS 7/26, Kelana Jaya, 47301 Petaling Jaya, Selangor Darul Ehsan Tel: 603-7880

More information

Taxonomy of Intrusion Detection System

Taxonomy of Intrusion Detection System Taxonomy of Intrusion Detection System Monika Sharma, Sumit Sharma Abstract During the past years, security of computer networks has become main stream in most of everyone's lives. Nowadays as the use

More information

KEITH LEHNERT AND ERIC FRIEDRICH

KEITH LEHNERT AND ERIC FRIEDRICH MACHINE LEARNING CLASSIFICATION OF MALICIOUS NETWORK TRAFFIC KEITH LEHNERT AND ERIC FRIEDRICH 1. Introduction 1.1. Intrusion Detection Systems. In our society, information systems are everywhere. They

More information

Network Machine Learning Research Group. Intended status: Informational October 19, 2015 Expires: April 21, 2016

Network Machine Learning Research Group. Intended status: Informational October 19, 2015 Expires: April 21, 2016 Network Machine Learning Research Group S. Jiang Internet-Draft Huawei Technologies Co., Ltd Intended status: Informational October 19, 2015 Expires: April 21, 2016 Abstract Network Machine Learning draft-jiang-nmlrg-network-machine-learning-00

More information

THE COMPLETE PROJECT MANAGEMENT METHODOLOGY AND TOOLKIT

THE COMPLETE PROJECT MANAGEMENT METHODOLOGY AND TOOLKIT THE COMPLETE PROJECT MANAGEMENT METHODOLOGY AND TOOLKIT GERARD M. HILL CRC Press Taylor & Francis Group Boca Raton London New York CRC Press is an imprint of the Taylor & Francis Croup, an informa business

More information

Azure Machine Learning, SQL Data Mining and R

Azure Machine Learning, SQL Data Mining and R Azure Machine Learning, SQL Data Mining and R Day-by-day Agenda Prerequisites No formal prerequisites. Basic knowledge of SQL Server Data Tools, Excel and any analytical experience helps. Best of all:

More information

Master of Science in Computer Science

Master of Science in Computer Science Master of Science in Computer Science Background/Rationale The MSCS program aims to provide both breadth and depth of knowledge in the concepts and techniques related to the theory, design, implementation,

More information

Parallel Computing for Data Science

Parallel Computing for Data Science Parallel Computing for Data Science With Examples in R, C++ and CUDA Norman Matloff University of California, Davis USA (g) CRC Press Taylor & Francis Group Boca Raton London New York CRC Press is an imprint

More information

Denial of Service attacks: analysis and countermeasures. Marek Ostaszewski

Denial of Service attacks: analysis and countermeasures. Marek Ostaszewski Denial of Service attacks: analysis and countermeasures Marek Ostaszewski DoS - Introduction Denial-of-service attack (DoS attack) is an attempt to make a computer resource unavailable to its intended

More information

Data Clustering. Dec 2nd, 2013 Kyrylo Bessonov

Data Clustering. Dec 2nd, 2013 Kyrylo Bessonov Data Clustering Dec 2nd, 2013 Kyrylo Bessonov Talk outline Introduction to clustering Types of clustering Supervised Unsupervised Similarity measures Main clustering algorithms k-means Hierarchical Main

More information

RESILIENT. SECURE and SOFTWARE. Requirements, Test Cases, and Testing Methods. Mark S. Merkow and Lakshmikanth Raghavan. CRC Press

RESILIENT. SECURE and SOFTWARE. Requirements, Test Cases, and Testing Methods. Mark S. Merkow and Lakshmikanth Raghavan. CRC Press SECURE and RESILIENT SOFTWARE Requirements, Test Cases, and Testing Methods Mark S. Merkow and Lakshmikanth Raghavan CRC Press Taylor & Francis Group Boca Raton London New York CRC Press Is an imprint

More information

Survey of Data Mining Approach using IDS

Survey of Data Mining Approach using IDS Survey of Data Mining Approach using IDS 1 Raman kamboj, 2 Kamal Kumar Research Scholar, Assistant Professor SDDIET, Department of Computer Science & Engineering, Kurukshetra Universty Abstract - In our

More information

CNA 432/532 OSI Layers Security

CNA 432/532 OSI Layers Security CNA 432/532 OSI Layers Location: ECC 116 Days: Thursday Semester: Fall 2012 Times: 5:00-7:50 pm Professor: Dr. Amos Olagunju E-mail: aoolagunju@stcloudstate.edu Office Hrs: 3-4 MW, Office: ECC256 Other

More information

MS1b Statistical Data Mining

MS1b Statistical Data Mining MS1b Statistical Data Mining Yee Whye Teh Department of Statistics Oxford http://www.stats.ox.ac.uk/~teh/datamining.html Outline Administrivia and Introduction Course Structure Syllabus Introduction to

More information

NEURAL NETWORKS A Comprehensive Foundation

NEURAL NETWORKS A Comprehensive Foundation NEURAL NETWORKS A Comprehensive Foundation Second Edition Simon Haykin McMaster University Hamilton, Ontario, Canada Prentice Hall Prentice Hall Upper Saddle River; New Jersey 07458 Preface xii Acknowledgments

More information

IDS IN TELECOMMUNICATION NETWORK USING PCA

IDS IN TELECOMMUNICATION NETWORK USING PCA IDS IN TELECOMMUNICATION NETWORK USING PCA Mohamed Faisal Elrawy 1, T. K. Abdelhamid 2 and A. M. Mohamed 3 1 Faculty of engineering, MUST University, 6th Of October, Egypt eng_faisal1989@yahoo.com 2,3

More information

Title. Introduction to Data Mining. Dr Arulsivanathan Naidoo Statistics South Africa. OECD Conference Cape Town 8-10 December 2010.

Title. Introduction to Data Mining. Dr Arulsivanathan Naidoo Statistics South Africa. OECD Conference Cape Town 8-10 December 2010. Title Introduction to Data Mining Dr Arulsivanathan Naidoo Statistics South Africa OECD Conference Cape Town 8-10 December 2010 1 Outline Introduction Statistics vs Knowledge Discovery Predictive Modeling

More information

CS Master Level Courses and Areas COURSE DESCRIPTIONS. CSCI 521 Real-Time Systems. CSCI 522 High Performance Computing

CS Master Level Courses and Areas COURSE DESCRIPTIONS. CSCI 521 Real-Time Systems. CSCI 522 High Performance Computing CS Master Level Courses and Areas The graduate courses offered may change over time, in response to new developments in computer science and the interests of faculty and students; the list of graduate

More information

Advancement in Virtualization Based Intrusion Detection System in Cloud Environment

Advancement in Virtualization Based Intrusion Detection System in Cloud Environment Advancement in Virtualization Based Intrusion Detection System in Cloud Environment Jaimin K. Khatri IT Systems and Network Security GTU PG School, Ahmedabad, Gujarat, India Mr. Girish Khilari Senior Consultant,

More information

Development and Management

Development and Management Cloud Database Development and Management Lee Chao CRC Press Taylor & Francis Group Boca Raton London New York CRC Press is an imprint of the Taylor & Francis Croup, an Informa business AN AUERBACH BOOK

More information

Engineering Design. Software. Theory and Practice. Carlos E. Otero. CRC Press. Taylor & Francis Croup. Taylor St Francis Croup, an Informa business

Engineering Design. Software. Theory and Practice. Carlos E. Otero. CRC Press. Taylor & Francis Croup. Taylor St Francis Croup, an Informa business Software Engineering Design Theory and Practice Carlos E. Otero CRC Press Taylor & Francis Croup Boca Raton London New York CRC Press is an imprint of the Taylor St Francis Croup, an Informa business AN

More information

Performance Analysis of Naive Bayes and J48 Classification Algorithm for Data Classification

Performance Analysis of Naive Bayes and J48 Classification Algorithm for Data Classification Performance Analysis of Naive Bayes and J48 Classification Algorithm for Data Classification Tina R. Patil, Mrs. S. S. Sherekar Sant Gadgebaba Amravati University, Amravati tnpatil2@gmail.com, ss_sherekar@rediffmail.com

More information

Intrusion Detection System using Log Files and Reinforcement Learning

Intrusion Detection System using Log Files and Reinforcement Learning Intrusion Detection System using Log Files and Reinforcement Learning Bhagyashree Deokar, Ambarish Hazarnis Department of Computer Engineering K. J. Somaiya College of Engineering, Mumbai, India ABSTRACT

More information

CS419 Computer Security

CS419 Computer Security CS419 Computer Security Vinod Ganapathy Topic: Intrusion Detection and Firewalls Security Intrusion & Detection Security Intrusion a security event, or combination of multiple security events, that constitutes

More information

Data Mining - Evaluation of Classifiers

Data Mining - Evaluation of Classifiers Data Mining - Evaluation of Classifiers Lecturer: JERZY STEFANOWSKI Institute of Computing Sciences Poznan University of Technology Poznan, Poland Lecture 4 SE Master Course 2008/2009 revised for 2010

More information