Descripción
|
|
---|---|
Network intrusion detection systems (NIDS) detect attacks or anomalous network traffic patterns in order to avoid cybersecurity issues. Anomaly detection algorithms are used to identify unusual behavior or outliers in the network traffic in order to generate alarms. Traditionally, Gaussian Mixture Models (GMMs) have been used for probabilistic-based anomaly detection NIDS. We propose to use multiple simple GMMs to model each individual feature, and an asymmetric voting scheme that aggregates the individual anomaly detectors to provide. We test our approach using the NSL dataset. We construct the normal behavior models using only the samples labelled as normal in this dataset and evaluate our proposal using the official NSL testing set. As a result, we obtain a F1-score over 0.9, outperforming other supervised and unsupervised proposals. | |
Internacional
|
Si |
Nombre congreso
|
International Conference on Hybrid Artificial Intelligence Systems |
Tipo de participación
|
960 |
Lugar del congreso
|
León |
Revisores
|
Si |
ISBN o ISSN
|
978-3-030-29859-3 |
DOI
|
https://doi.org/10.1007/978-3-030-29859-3_55 |
Fecha inicio congreso
|
04/09/2019 |
Fecha fin congreso
|
06/09/2019 |
Desde la página
|
648 |
Hasta la página
|
659 |
Título de las actas
|
Hybrid Artificial Intelligent Systems |