William Edmonds, Sun-il Kim, E. MacIntyre, Chockalingam Karuppanchetty, N. Nwanze
Published in: 2016 13th IEEE Annual Consumer Communications & Networking Conference (CCNC), 2016-03-31. DOI: 10.1109/CCNC.2016.7444873 (https://doi.org/10.1109/CCNC.2016.7444873)
Efficient tuning methodologies for a network payload anomaly inspection scheme
Consumers and service providers are both becoming increasingly concerned about new, never-before-seen attacks. Anomaly-based intrusion prevention is an important part of cybersecurity, which offers the possibility of detecting some zero-day attacks. Typically, detection speed and efficacy (in terms of true and false positives) are considered in evaluating intrusion detection schemes. However, effective configuration (training and tuning) is critical for deployment of such schemes in practice. As network traffic may shift over time, the ability to perform fast reconfiguration is needed to provide the level of security necessary for future applications. We present parallel mapping and genetic algorithms-based approaches, which can be used to achieve rapid training and tuning for a highly efficient payload-based anomaly detection algorithm.