Dora Pušelj, Lovro Katić, Dominik Ostroski, Ivona Brajdic, Karlo Slovenec
{"title":"Using Approximation of Standard Deviation and Variance in Flow Features for Efficient Intrusion Detection","authors":"Dora Pušelj, Lovro Katić, Dominik Ostroski, Ivona Brajdic, Karlo Slovenec","doi":"10.23919/ConTEL52528.2021.9495962","DOIUrl":null,"url":null,"abstract":"Intrusion Detection Systems (IDS) are one of the most important defense tools against dangerous and sophisticated network attacks. In recent years high-speed network interfaces have become common in data centers and servers. To process such high-speed network traffic entirely, the feature extraction phase of an IDS must be highly efficient. The speed and overall efficiency of the feature extraction phase of anomaly-based Intrusion Detection Systems can be improved by substituting the exact values for standard deviation and variance with lower complexity approximations. This paper demonstrates that using range rule of thumb approximations instead of exact values does not affect the classification results of the model tested in its various configurations. The results show that the accuracy of the model output obtained using the approximations does not differ from the results obtained using the real values by more than 0.05%.","PeriodicalId":269755,"journal":{"name":"2021 16th International Conference on Telecommunications (ConTEL)","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2021-06-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 16th International Conference on Telecommunications (ConTEL)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.23919/ConTEL52528.2021.9495962","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
Intrusion Detection Systems (IDS) are one of the most important defense tools against dangerous and sophisticated network attacks. In recent years high-speed network interfaces have become common in data centers and servers. To process such high-speed network traffic entirely, the feature extraction phase of an IDS must be highly efficient. The speed and overall efficiency of the feature extraction phase of anomaly-based Intrusion Detection Systems can be improved by substituting the exact values for standard deviation and variance with lower complexity approximations. This paper demonstrates that using range rule of thumb approximations instead of exact values does not affect the classification results of the model tested in its various configurations. The results show that the accuracy of the model output obtained using the approximations does not differ from the results obtained using the real values by more than 0.05%.