安全保障的免疫智能方法

2015 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA) Pub Date : 2015-06-08 DOI:10.1109/CyberSA.2015.7166116

A. Enache, Mihai-Gabriel Ionita, V. Sgârciu

{"title":"安全保障的免疫智能方法","authors":"A. Enache, Mihai-Gabriel Ionita, V. Sgârciu","doi":"10.1109/CyberSA.2015.7166116","DOIUrl":null,"url":null,"abstract":"Information Security Assurance implies ensuring the integrity, confidentiality and availability of critical assets for an organization. The large amount of events to monitor in a fluid system in terms of topology and variety of new hardware or software, overwhelms monitoring controls. Furthermore, the multi-facets of cyber threats today makes it difficult even for security experts to handle and keep up-to-date. Hence, automatic \"intelligent\" tools are needed to address these issues. In this paper, we describe a `work in progress' contribution on intelligent based approach to mitigating security threats. The main contribution of this work is an anomaly based IDS model with active response that combines artificial immune systems and swarm intelligence with the SVM classifier. Test results for the NSL-KDD dataset prove the proposed approach can outperform the standard classifier in terms of attack detection rate and false alarm rate, while reducing the number of features in the dataset.","PeriodicalId":432356,"journal":{"name":"2015 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA)","volume":"40 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-06-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":"{\"title\":\"An immune intelligent approach for security assurance\",\"authors\":\"A. Enache, Mihai-Gabriel Ionita, V. Sgârciu\",\"doi\":\"10.1109/CyberSA.2015.7166116\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Information Security Assurance implies ensuring the integrity, confidentiality and availability of critical assets for an organization. The large amount of events to monitor in a fluid system in terms of topology and variety of new hardware or software, overwhelms monitoring controls. Furthermore, the multi-facets of cyber threats today makes it difficult even for security experts to handle and keep up-to-date. Hence, automatic \\\"intelligent\\\" tools are needed to address these issues. In this paper, we describe a `work in progress' contribution on intelligent based approach to mitigating security threats. The main contribution of this work is an anomaly based IDS model with active response that combines artificial immune systems and swarm intelligence with the SVM classifier. Test results for the NSL-KDD dataset prove the proposed approach can outperform the standard classifier in terms of attack detection rate and false alarm rate, while reducing the number of features in the dataset.\",\"PeriodicalId\":432356,\"journal\":{\"name\":\"2015 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA)\",\"volume\":\"40 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2015-06-08\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2015 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CyberSA.2015.7166116\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CyberSA.2015.7166116","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 3

摘要

信息安全保证意味着确保组织关键资产的完整性、机密性和可用性。流体系统中需要监控的大量事件(拓扑结构和各种新硬件或软件)压倒了监控控制。此外，当今网络威胁的多面性甚至使安全专家也难以处理和保持最新。因此，需要自动的“智能”工具来解决这些问题。在本文中，我们描述了“正在进行的工作”对基于智能的方法来减轻安全威胁的贡献。本工作的主要贡献是将人工免疫系统和群体智能与SVM分类器相结合，建立了一种基于异常的主动响应IDS模型。对NSL-KDD数据集的测试结果证明，该方法在攻击检测率和虚警率方面优于标准分类器，同时减少了数据集中的特征数量。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

An immune intelligent approach for security assurance

Information Security Assurance implies ensuring the integrity, confidentiality and availability of critical assets for an organization. The large amount of events to monitor in a fluid system in terms of topology and variety of new hardware or software, overwhelms monitoring controls. Furthermore, the multi-facets of cyber threats today makes it difficult even for security experts to handle and keep up-to-date. Hence, automatic "intelligent" tools are needed to address these issues. In this paper, we describe a `work in progress' contribution on intelligent based approach to mitigating security threats. The main contribution of this work is an anomaly based IDS model with active response that combines artificial immune systems and swarm intelligence with the SVM classifier. Test results for the NSL-KDD dataset prove the proposed approach can outperform the standard classifier in terms of attack detection rate and false alarm rate, while reducing the number of features in the dataset.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2015 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA)

自引率

0.00%

发文量