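@comment{
  Review notes on the entry below, kept outside the entry so that no style prints them.
  - The export stored "PART 2" in both number and edition. It is a part label, not an
    edition, so edition is dropped and number keeps the value. The LNCS volume number is
    not in this record; add it as volume once checked against the publisher's page.
  - address holds a country, while BibTeX expects the publisher's city. Left as exported;
    confirm before use.
  - doi is stored bare (no backslash before the underscore) so that resolvers and
    doi-aware styles receive the identifier unchanged.
  - author uses the "Last, First" form and the acronym in the title is brace-protected,
    so name parsing and sentence-casing styles cannot alter them.
  - Scope of the cited result, per the abstract: the model is built from normal sessions
    of the MIT DARPA '99 dataset, using TCP header fields and derived attributes. Cite it
    for that setting; the abstract makes no claim about other traffic or datasets.
}
@inproceedings{64cb708309c04fcbb9b996d7c225978d,
  author    = {Manandhar, Prajowal and Aung, Zeyar},
  title     = {Towards practical anomaly-based intrusion detection by outlier mining on {TCP} packets},
  booktitle = {Database and Expert Systems Applications - 25th International Conference, DEXA 2014, Proceedings},
  series    = {Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)},
  number    = {PART 2},
  pages     = {164--173},
  publisher = {Springer Verlag},
  address   = {Germany},
  year      = {2014},
  isbn      = {9783319100845},
  doi       = {10.1007/978-3-319-10085-2_14},
  language  = {British English},
  keywords  = {IDS, k-means clustering, one-class SVM, outlier mining, TCP},
  abstract  = {Intrusion detection System (IDS) is an important part of the security of large networks like the Internet. With increasing number of data being transmitted day by day from one subnetwork to another, the system needs to identify intrusion in such large datasets in an effectively and timely manner. So the application of knowledge discovery comes handy to identify unusual accesses or attacks. Improving an IDS's performance and accuracy is one of the major challenges network security research today. In this paper, we propose a practical anomaly-based IDS using outlier mining of the readily available basic Transmission Control Protocol (TCP) header information as well as other easily derivable attributes. We use a two-step approach of k-means clustering and one-class support vector machine (SVM) to model the normal sessions presented in MIT DARPA '99 dataset. We then feed the testing set to the resultant model to predict the attacks sessions.},
  note      = {25th International Conference on Database and Expert Systems Applications, DEXA 2014 ; Conference date: 01-09-2014 Through 04-09-2014},
}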