Research Article

Cluster based Statistical Anomaly Intrusion Detection for Varied Attack Intensities

by M.Thangavel, Dr. P.Thangaraj
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 24 - Number 7
Year of Publication: 2011
Authors: M.Thangavel, Dr. P.Thangaraj
10.5120/2991-3957

M.Thangavel, Dr. P.Thangaraj. Cluster based Statistical Anomaly Intrusion Detection for Varied Attack Intensities. International Journal of Computer Applications. 24, 7 (June 2011), 27-33. DOI=10.5120/2991-3957

@article{ 10.5120/2991-3957,
author = { M.Thangavel, Dr. P.Thangaraj },
title = { Cluster based Statistical Anomaly Intrusion Detection for Varied Attack Intensities },
journal = { International Journal of Computer Applications },
issue_date = { June 2011 },
volume = { 24 },
number = { 7 },
month = { June },
year = { 2011 },
issn = { 0975-8887 },
pages = { 27-33 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume24/number7/2991-3957/ },
doi = { 10.5120/2991-3957 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T20:10:24.311833+05:30
%A M.Thangavel
%A Dr. P.Thangaraj
%T Cluster based Statistical Anomaly Intrusion Detection for Varied Attack Intensities
%J International Journal of Computer Applications
%@ 0975-8887
%V 24
%N 7
%P 27-33
%D 2011
%I Foundation of Computer Science (FCS), NY, USA
Abstract

In today's Internet paradigm, the type of intrusion attack is crucial to achieving effective improvement against anomaly intrusion attacks. Anomalous traffic attacks by hackers, combined with traditional network intruders, are a serious threat to network security. Existing work on intrusion detection and prevention of traffic attacks takes considerable time, during which the intruder spreads across the network. The sensing mechanism, in addition to rejecting an attack, keeps no record of the cause of the attack or its effects. At the same time, the actual occurrence of the attack is left unnoticed by the detection method. This motivates the development of an effective mechanism against attacks based on cluster-based anomaly intrusion detection.

Index Terms

Computer Science
Information Sciences

Keywords

Network Traffic Anomaly Intrusion Detection Traffic Statistics Cluster Data Streams