资源描述:
《ensemble learning for intrusion detection in computer networks》由会员上传分享,免费在线阅读,更多相关内容在教育资源-天天文库。
1、EnsembleLearningforIntrusionDetectioninComputerNetworksLucaDidaci,GiorgioGiacintoandFabioRoliDepartmentofElectricalandElectronicEngineering-UniversityofCagliari,ItalyPiazzaD'Armi-09123Cagliari,Italy{luca.didaci,giacinto,roli}@diee.unica.itAbstract.Thesecuri
2、tyofcomputernetworksplaysastrategicroleinmoderncomputersystems.Inordertoenforcehighprotectionlevelsagainstthreats,anumberofsoftwaretoolsarecurrentlydeveloped.IntrusionDetectionSystemsaimatdetectingintruderwhoeludedthe"firstline"protection.Inthispaper,apatte
3、rnrecognitionapproachtonetworkintrusiondetectionbasedonensemblelearningparadigmsisproposed.Thepotentialitiesofsuchanapproachfordatafusionandsomeopenissuesareoutlined.Keywords:IntrusionDetection,patternclassification,ensemblelearning,datafusion1IntroductionN
4、owadaysanincreasingnumberofcommercialandpublicservicesareofferedtroughInternet,sothatsecurityisbecomingoneofthekeyissues.Theso-called"attacks"tointernetserviceprovidersarecarriedoutbyexploitingunknownweaknessesorbugsalwayscontainedinsystemandapplicationsoft
5、ware[1-2].Computernetworksareusuallyprotectedagainstattacksbyanumberofaccessrestrictionpoliciesthatactasacoarsegrainfilter.Intrusiondetectionsystems(IDS)arethefinegrainfilterplacedinsidetheprotectednetwork,lookingforknownorpotentialthreatsinnetworktraffican
6、d/orauditdatarecordedbyhosts.Twoapproachestointrusiondetectionarecurrentlyused.Thefirstone,calledmisusedetection,isbasedonattacksignatures,i.e.,onadetaileddescriptionofthesequenceofactionsperformedbytheattacker.Thisapproachallowsthedetectionofintrusionsmatc
7、hingperfectlythesignatures.TheeffectivenessisstrictlyrelatedtotheextenttowhichIDSsareupdatedwiththesignaturesofthelatestattacksdeveloped.Thisiscurrentlyachallengesincenewattacksandnewattackvariantsareconstantlybeingdeveloped.Inparticular,atthetimeanattacksi
8、gnatureismadepubliclyavailable,anumberofattackvariantsaredesignedtoproducethesameeffectastheoriginalattack,butwithaslightlydifferentsignaturethatisnotdetectedbysignature-basedIDSs.Thedevelopmentofsigna
