Journal of Information Security

Volume 3, Issue 1 (January 2012)

ISSN Print: 2153-1234   ISSN Online: 2153-1242

Google-based Impact Factor: 3.79

A Multi-Stage Network Anomaly Detection Method for Improving Efficiency and Accuracy

PP. 18-24
DOI: 10.4236/jis.2012.31003

ABSTRACT

Because of the explosive growth of intrusions, the need for anomaly-based Intrusion Detection Systems (IDSs), which are capable of detecting novel attacks, is increasing. Among those systems, flow-based detection systems, which use a series of packets exchanged between two terminals as the unit of observation, have the advantage of being able to detect an anomaly that is present in only some specific sessions. However, in large-scale networks where a large number of communications take place, analyzing every flow is not practical. On the other hand, timeslot-based detection systems need not prepare a number of buffers, although it is difficult for them to specify the anomalous communications. In this paper, we propose a multi-stage anomaly detection system that is a combination of timeslot-based and flow-based detectors. The proposed system can reduce the number of flows that need to be subjected to flow-based analysis yet still exhibits high detection accuracy. Through experiments using a data set, we present the effectiveness of the proposed method.

Share and Cite:

Y. Waizumi, H. Tsunoda, M. Tsuji and Y. Nemoto, "A Multi-Stage Network Anomaly Detection Method for Improving Efficiency and Accuracy," Journal of Information Security, Vol. 3 No. 1, 2012, pp. 18-24. doi: 10.4236/jis.2012.31003.

Copyright © 2023 by authors and Scientific Research Publishing Inc.

This work and the related PDF file are licensed under a Creative Commons Attribution 4.0 International License.