An Authorized Access Attack Detection Method for Realtime Intrusion Detection System

2020 IEEE 17th Annual Consumer Communications & Networking Conference (CCNC) Pub Date : 2020-01-01 DOI:10.1109/CCNC46108.2020.9045334

Sung-Kwan Youm, Yong-Kab Kim, Kwang-Seong Shin, Eui-Jik Kim

{"title":"An Authorized Access Attack Detection Method for Realtime Intrusion Detection System","authors":"Sung-Kwan Youm, Yong-Kab Kim, Kwang-Seong Shin, Eui-Jik Kim","doi":"10.1109/CCNC46108.2020.9045334","DOIUrl":null,"url":null,"abstract":"Recently, a malicious user breaks into the network and destroys the entire network. In particular, it destroys the whole network through unauthorized access attacks with a contaminated system. In this paper, we propose a fast unauthorized access attack detection method for the real-time intrusion detection system. Conventionally, unauthorized access detection was performed by supervised learning to analyze all collected traffic characteristics. In the proposed method, the normal traffic is classified through unsupervised learning prior to a supervised learning, and the intrusion detection of supervised learning for unauthorized access to the normal traffic is not performed. Here, our scheme makes up arbitrary test traffic to pass through a gateway in order to classify the normal traffic. A supervised learning is performed as to classify unauthorized access attack types on abnormal traffic. Therefore, we verified that the proposed method can classify normal traffic and detect unauthorized access attacks against abnormal traffic and shorten the time than the conventional method by simulation.","PeriodicalId":443862,"journal":{"name":"2020 IEEE 17th Annual Consumer Communications & Networking Conference (CCNC)","volume":"32 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 IEEE 17th Annual Consumer Communications & Networking Conference (CCNC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CCNC46108.2020.9045334","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 2

Abstract

Recently, a malicious user breaks into the network and destroys the entire network. In particular, it destroys the whole network through unauthorized access attacks with a contaminated system. In this paper, we propose a fast unauthorized access attack detection method for the real-time intrusion detection system. Conventionally, unauthorized access detection was performed by supervised learning to analyze all collected traffic characteristics. In the proposed method, the normal traffic is classified through unsupervised learning prior to a supervised learning, and the intrusion detection of supervised learning for unauthorized access to the normal traffic is not performed. Here, our scheme makes up arbitrary test traffic to pass through a gateway in order to classify the normal traffic. A supervised learning is performed as to classify unauthorized access attack types on abnormal traffic. Therefore, we verified that the proposed method can classify normal traffic and detect unauthorized access attacks against abnormal traffic and shorten the time than the conventional method by simulation.

查看原文本刊更多论文

一种实时入侵检测系统的授权访问攻击检测方法

最近，一个恶意用户闯入网络，破坏了整个网络。特别是，它通过使用受污染的系统进行未经授权的访问攻击来破坏整个网络。本文针对实时入侵检测系统提出了一种快速的未经授权访问攻击检测方法。传统上，未经授权的访问检测是通过监督学习来分析所有收集到的流量特征。该方法在对正常流量进行有监督学习之前，先对正常流量进行无监督学习分类，对未授权访问正常流量不进行有监督学习的入侵检测。在这里，我们的方案组成任意测试流量通过网关，以便对正常流量进行分类。对异常流量进行监督学习，对非法访问攻击类型进行分类。因此，我们通过仿真验证了该方法可以对正常流量进行分类，并对异常流量进行未授权访问攻击检测，比传统方法缩短了检测时间。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2020 IEEE 17th Annual Consumer Communications & Networking Conference (CCNC)

自引率

0.00%

发文量