{"title":"Self-organizing feature maps for User-to-Root and Remote-to-Local network intrusion detection on the KDD Cup 1999 dataset","authors":"Ryan Wilson, C. Obimbo","doi":"10.1109/WORLDCIS17046.2011.5749879","DOIUrl":null,"url":null,"PeriodicalId":204568,"journal":{"name":"2011 World Congress on Internet Security (WorldCIS-2011)","volume":"21 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2011-04-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"12","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2011 World Congress on Internet Security (WorldCIS-2011)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/WORLDCIS17046.2011.5749879","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Self-organizing feature maps for User-to-Root and Remote-to-Local network intrusion detection on the KDD Cup 1999 dataset
The problem of network intrusion detection is one that is ever-changing, ever-evolving, and always in need of improvement. Society at large relies on computer networks every day for tasks ranging from online banking to e-commerce, social networking, news, gambling, and just about anything else. As such, society demands that these networks remain secure. In order to maintain security, the systems used to protect these networks, which are vital to the 21st century world, must be constantly updated. The task of creating a system for the 21st century fell upon several groups for the ACM 1999 KDD Cup Competition. The competition produced a winning entry, but something was lacking: the winning team's results for two of the intrusion types, User-to-Root and Remote-to-Local, were subpar at best. The winning team produced detection rates of 13.8% and 8.4% for these types, respectively, compared to over 90% for each of the Denial of Service and Probing intrusion types. This research aimed to rectify this shortcoming. By implementing an unsupervised learning system, this research has produced a system that correctly detects 62.8% of User-to-Root attacks within the same dataset, with minimal false positives, while maintaining the high detection rates of Denial of Service and Probing attacks.