A nonlinear correlation measure for intrusion detection

Mohammed Ambusaidi, Liang Fu Lu, Xiangjian He, Zhiyuan Tan, Aruna Jamdagni, Priyadarsi Nanda

    Research output: Chapter in Book / Conference Paper

    Abstract

    The popularity of the Internet brings with it the risk of network attacks, a problem that has attracted the attention of many researchers. One effective way to achieve higher security and protect networks against attacks is the use of intrusion detection systems. Intrusion detection systems are defined as security techniques that tend to detect individuals who are trying to sneak into a system without authorization. However, one technical challenge in intrusion detection systems is the high rate of false positive alarms, which affects their performance. To solve this problem, we propose an effective method that can accurately find the correlation between network records. In this work, we compare the results using a linear measure and a nonlinear measure based on correlation coefficient and mutual information. Experiments on the KDD Cup 99 data set show that our proposed method using the nonlinear correlation measure can not only reduce the rate of false alarms but also efficiently distinguish normal and abnormal behaviors, and provide higher detection and accuracy rates than using the linear correlation measure.
    Original language: English
    Title of host publication: The 7th International Conference on Frontier of Computer Science and Technology (FCST-12): 21-23 November 2012, Suzhou, China
    Publisher: IEEE
    Number of pages: 6
    Publication status: Published - 2012
    Event: International Conference on Frontier of Computer Science and Technology
    Duration: 1 Jan 2012 → …

    Conference

    Conference: International Conference on Frontier of Computer Science and Technology
    Period: 1/01/12 → …
