BigFlow: Real-time and reliable anomaly-based intrusion detection for high-speed networks

Viegas Eduardo; Santin Altair; Bessani Alysson; Neves Nuno

首页> 外文期刊>Future generation computer systems >BigFlow: Real-time and reliable anomaly-based intrusion detection for high-speed networks

【24h】

BigFlow: Real-time and reliable anomaly-based intrusion detection for high-speed networks

机译：BigFlow：用于高速网络的实时，可靠的基于异常的入侵检测

获取原文

获取原文并翻译 | 示例

掌桥外文数据库（机构版） >>

开具论文收录证明 >>

文献代查 >>

页面导航

摘要
著录项
相似文献
相关主题

摘要

Existing machine learning solutions for network-based intrusion detection cannot maintain their reliability over time when facing high-speed networks and evolving attacks. In this paper, we propose BigFlow, an approach capable of processing evolving network traffic while being scalable to large packet rates. BigFlow employs a verification method that checks if the classifier outcome is valid in order to provide reliability. If a suspicious packet is found, an expert may help BigFlow to incrementally change the classification model. Experiments with BigFlow, over a network traffic dataset spanning a full year, demonstrate that it can maintain high accuracy over time. It requires as little as 4% of storage and between 0.05% and 4% of training time, compared with other approaches. BigFlow is scalable, coping with a 10-Gbps network bandwidth in a 40-core cluster commodity hardware. (C) 2018 Elsevier B.V. All rights reserved.

机译：当面对高速网络和不断发展的攻击时，用于基于网络的入侵检测的现有机器学习解决方案无法长期保持其可靠性。在本文中，我们提出了BigFlow，这是一种能够处理不断发展的网络流量同时又可扩展至大数据包速率的方法。 BigFlow采用一种验证方法，该方法检查分类器结果是否有效以提供可靠性。如果找到可疑数据包，专家可以帮助BigFlow逐步更改分类模型。在长达一整年的网络流量数据集上对BigFlow进行的实验表明，它可以长期保持较高的准确性。与其他方法相比，它仅需要4％的存储空间和0.05％到4％的训练时间。 BigFlow具有可扩展性，可以在40核群集商品硬件中处理10 Gbps的网络带宽。（C）2018 Elsevier B.V.保留所有权利。

著录项

来源
《Future generation computer systems》 |2019年第4期|473-485|共13页
作者
Viegas Eduardo; Santin Altair; Bessani Alysson; Neves Nuno;
展开▼
作者单位

Pontificia Univ Catolica Parana, Grad Program Comp Sci, Curitiba, Parana, Brazil|Univ Lisbon, Fac Ciencias, LaSIGE, Lisbon, Portugal;

Pontificia Univ Catolica Parana, Grad Program Comp Sci, Curitiba, Parana, Brazil;

Univ Lisbon, Fac Ciencias, LaSIGE, Lisbon, Portugal;

Univ Lisbon, Fac Ciencias, LaSIGE, Lisbon, Portugal;

展开▼
收录信息美国《科学引文索引》(SCI);美国《工程索引》(EI);
原文格式 PDF
正文语种 eng
中图分类
关键词
Data stream; Stream learning; Classification reliability; Anomaly-based intrusion detection;

机译：数据流;流学习;分类可靠性;基于异常的入侵检测;

相似文献

外文文献
中文文献
专利

1. Toward a reliable anomaly-based intrusion detection in real-world environments [J] . Viegas Eduardo K., Santin Altair O., Oliveira Luiz S. Computer networks . 2017,第nova9期

机译：在现实环境中实现可靠的基于异常的入侵检测
2. Real-time intrusion detection for high-speed networks [J] . Jiang WB, Song H, Dai YQ Computers & Security . 2005,第4期

机译：高速网络的实时入侵检测
3. A Convolutional Neural Network for Improved Anomaly-Based Network Intrusion Detection [J] . Al-Turaiki Isra, Altwaijry Najwa Big Data . 2021,第3期

机译：一种改进基于异常的网络入侵检测的卷积神经网络
4. PDA-CS: Profile Distance Assessment-Centric Cuckoo Search for Anomaly-Based Intrusion Detection in High-Speed Networks [C] . Kanaka Raju Gariga, A. Rama Mohan Reddy, N. Sambasiva Rao International Conference on Frontiers of Intelligent Computing : Theory and Applications . 2017

机译：PDA-CS：剖面距离评估为中心的杜鹃搜索高速网络中基于异常的入侵检测
5. Anomaly-based network intrusion detection using outlier subspace analysis approach. [D] . Kershaw, David. 2010

机译：使用异常子空间分析方法的基于异常的网络入侵检测。
6. Intrusion-Aware Alert Validation Algorithm for Cooperative Distributed Intrusion Detection Schemes of Wireless Sensor Networks [O] . Riaz Ahmed Shaikh, Hassan Jameel, Brian J. d’Auriol, 2009

机译：无线传感器网络协同分布式入侵检测方案的入侵感知警报验证算法
7. Anomaly-Based Intrusion Detection Algorithms for Wireless Networks ⋆ [O] . Ros G. Fragkiadakis, Vasilios A. Siris, Nikolaos Petroulakis 2010

机译：基于异常的无线网络入侵检测算法⋆
8. Model-Based Real-Time Intrusion Detection System for Large Scale Heterogeneous Networks [R] . Kemmer, R. A. , Vigna, G. 2003

机译：基于模型的大规模异构网络实时入侵检测系统

BigFlow: Real-time and reliable anomaly-based intrusion detection for high-speed networks

摘要

著录项

相似文献

相关主题

期刊订阅