{"title":"基于离散傅里叶变换的入侵检测系统量化","authors":"Yusuke Tsuge, Hidema Tanaka","doi":"10.1109/ICISSEC.2016.7885867","DOIUrl":null,"url":null,"abstract":"An Intrusion Detection System (IDS) is a countermeasure against network attack. There are mainly two types of detections; signature-based and anomaly-based. Since attackers change their technique rapidly, anomaly-based detection draws research interest nowadays. Since some anomaly-based IDS depends on operator's visual identification, it is difficult to define normal behavior effectively. To solve the problem, we propose quantification method using Shannon-Hartley theorem which improves Enkhbold et al. method. This method uses Discrete Fourier Transform to analyze spectrum of each session. They assume fluctuation of spectrum in normal sessions as random and abnormal sessions as biased. To quantify difference between each spectrum and the standard one, we can obtain entropy using Shannon-Hartley theorem. By spectrum analysis based on such assumption, it is possible to create the Detection-table which can be determined either normal or abnormal sessions. And we also find out that our quantification method will discover the feature of unknown attack session.","PeriodicalId":420224,"journal":{"name":"2016 International Conference on Information Science and Security (ICISS)","volume":"16 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Quantification for Intrusion Detection System Using Discrete Fourier Transform\",\"authors\":\"Yusuke Tsuge, Hidema Tanaka\",\"doi\":\"10.1109/ICISSEC.2016.7885867\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"An Intrusion Detection System (IDS) is a countermeasure against network attack. There are mainly two types of detections; signature-based and anomaly-based. Since attackers change their technique rapidly, anomaly-based detection draws research interest nowadays. Since some anomaly-based IDS depends on operator's visual identification, it is difficult to define normal behavior effectively. To solve the problem, we propose quantification method using Shannon-Hartley theorem which improves Enkhbold et al. method. This method uses Discrete Fourier Transform to analyze spectrum of each session. They assume fluctuation of spectrum in normal sessions as random and abnormal sessions as biased. To quantify difference between each spectrum and the standard one, we can obtain entropy using Shannon-Hartley theorem. By spectrum analysis based on such assumption, it is possible to create the Detection-table which can be determined either normal or abnormal sessions. And we also find out that our quantification method will discover the feature of unknown attack session.\",\"PeriodicalId\":420224,\"journal\":{\"name\":\"2016 International Conference on Information Science and Security (ICISS)\",\"volume\":\"16 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2016-12-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2016 International Conference on Information Science and Security (ICISS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICISSEC.2016.7885867\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 International Conference on Information Science and Security (ICISS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICISSEC.2016.7885867","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Quantification for Intrusion Detection System Using Discrete Fourier Transform
An Intrusion Detection System (IDS) is a countermeasure against network attack. There are mainly two types of detections; signature-based and anomaly-based. Since attackers change their technique rapidly, anomaly-based detection draws research interest nowadays. Since some anomaly-based IDS depends on operator's visual identification, it is difficult to define normal behavior effectively. To solve the problem, we propose quantification method using Shannon-Hartley theorem which improves Enkhbold et al. method. This method uses Discrete Fourier Transform to analyze spectrum of each session. They assume fluctuation of spectrum in normal sessions as random and abnormal sessions as biased. To quantify difference between each spectrum and the standard one, we can obtain entropy using Shannon-Hartley theorem. By spectrum analysis based on such assumption, it is possible to create the Detection-table which can be determined either normal or abnormal sessions. And we also find out that our quantification method will discover the feature of unknown attack session.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
