基于学习技术的网络入侵检测新框架

PACRIM. 2005 IEEE Pacific Rim Conference on Communications, Computers and signal Processing, 2005. Pub Date : 2005-10-17 DOI:10.1109/PACRIM.2005.1517325

Wei Lu

{"title":"基于学习技术的网络入侵检测新框架","authors":"Wei Lu","doi":"10.1109/PACRIM.2005.1517325","DOIUrl":null,"url":null,"abstract":"We propose in this paper a novel network intrusion detection framework based on learning techniques. The main goal of our framework is to detect known as well as unknown or novel attacks on networks. Our detection approach combines three learning techniques, namely inductive logic programming (ILP), genetic programming (GP) and Bayesian probability theorem. Each technique detects the intrusion independently and then makes a decision about whether the network behavior is intrusive or normal. A voting mechanism is proposed to give the final intrusion decision. In theory, our framework has lower false alarm rate than other approaches since we use the voting mechanism and combine several detection techniques.","PeriodicalId":346880,"journal":{"name":"PACRIM. 2005 IEEE Pacific Rim Conference on Communications, Computers and signal Processing, 2005.","volume":"43 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2005-10-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"A novel framework for network intrusion detection using learning techniques\",\"authors\":\"Wei Lu\",\"doi\":\"10.1109/PACRIM.2005.1517325\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"We propose in this paper a novel network intrusion detection framework based on learning techniques. The main goal of our framework is to detect known as well as unknown or novel attacks on networks. Our detection approach combines three learning techniques, namely inductive logic programming (ILP), genetic programming (GP) and Bayesian probability theorem. Each technique detects the intrusion independently and then makes a decision about whether the network behavior is intrusive or normal. A voting mechanism is proposed to give the final intrusion decision. In theory, our framework has lower false alarm rate than other approaches since we use the voting mechanism and combine several detection techniques.\",\"PeriodicalId\":346880,\"journal\":{\"name\":\"PACRIM. 2005 IEEE Pacific Rim Conference on Communications, Computers and signal Processing, 2005.\",\"volume\":\"43 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2005-10-17\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"PACRIM. 2005 IEEE Pacific Rim Conference on Communications, Computers and signal Processing, 2005.\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/PACRIM.2005.1517325\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"PACRIM. 2005 IEEE Pacific Rim Conference on Communications, Computers and signal Processing, 2005.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/PACRIM.2005.1517325","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 2

摘要

本文提出了一种新的基于学习技术的网络入侵检测框架。我们的框架的主要目标是检测已知的以及未知的或新颖的网络攻击。我们的检测方法结合了三种学习技术，即归纳逻辑规划(ILP)、遗传规划(GP)和贝叶斯概率定理。每一种技术都独立检测入侵，然后判断网络行为是入侵还是正常。提出了一种投票机制来给出最终的入侵决策。从理论上讲，我们的框架比其他方法具有更低的误报率，因为我们使用了投票机制并结合了几种检测技术。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

A novel framework for network intrusion detection using learning techniques

We propose in this paper a novel network intrusion detection framework based on learning techniques. The main goal of our framework is to detect known as well as unknown or novel attacks on networks. Our detection approach combines three learning techniques, namely inductive logic programming (ILP), genetic programming (GP) and Bayesian probability theorem. Each technique detects the intrusion independently and then makes a decision about whether the network behavior is intrusive or normal. A voting mechanism is proposed to give the final intrusion decision. In theory, our framework has lower false alarm rate than other approaches since we use the voting mechanism and combine several detection techniques.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

PACRIM. 2005 IEEE Pacific Rim Conference on Communications, Computers and signal Processing, 2005.

自引率

0.00%

发文量