Mostrar el registro sencillo del ítem
dc.contributor.author
Catania, Carlos Adrian
dc.contributor.author
Bromberg, Facundo
dc.contributor.author
Garcia Garino, Carlos Gabriel
dc.date.available
2023-06-06T11:24:26Z
dc.date.issued
2012-02
dc.identifier.citation
Catania, Carlos Adrian; Bromberg, Facundo; Garcia Garino, Carlos Gabriel; An autonomous labeling approach to support vector machines algorithms for network traffic anomaly detection; Pergamon-Elsevier Science Ltd; Expert Systems with Applications; 39; 2; 2-2012; 1822-1829
dc.identifier.issn
0957-4174
dc.identifier.uri
http://hdl.handle.net/11336/199687
dc.description.abstract
In the past years, several support vector machines (SVM) novelty detection approaches have been applied on the network intrusion detection field. The main advantage of these approaches is that they can characterize normal traffic even when trained with datasets containing not only normal traffic but also a number of attacks. Unfortunately, these algorithms seem to be accurate only when the normal traffic vastly outnumbers the number of attacks present in the dataset. A situation which can not be always hold. This work presents an approach for autonomous labeling of normal traffic as a way of dealing with situations where class distribution does not present the imbalance required for SVM algorithms. In this case, the autonomous labeling process is made by SNORT, a misuse-based intrusion detection system. Experiments conducted on the 1998 DARPA dataset show that the use of the proposed autonomous labeling approach not only outperforms existing SVM alternatives but also, under some attack distributions, obtains improvements over SNORT itself.
dc.format
application/pdf
dc.language.iso
eng
dc.publisher
Pergamon-Elsevier Science Ltd
dc.rights
info:eu-repo/semantics/openAccess
dc.rights.uri
https://creativecommons.org/licenses/by-nc-sa/2.5/ar/
dc.subject
ANOMALY DETECTION
dc.subject
INTRUSION DETECTION SYSTEMS
dc.subject
LABELING
dc.subject
SVM
dc.subject.classification
Telecomunicaciones
dc.subject.classification
Ingeniería Eléctrica, Ingeniería Electrónica e Ingeniería de la Información
dc.subject.classification
INGENIERÍAS Y TECNOLOGÍAS
dc.title
An autonomous labeling approach to support vector machines algorithms for network traffic anomaly detection
dc.type
info:eu-repo/semantics/article
dc.type
info:ar-repo/semantics/artículo
dc.type
info:eu-repo/semantics/publishedVersion
dc.date.updated
2023-06-05T11:58:23Z
dc.journal.volume
39
dc.journal.number
2
dc.journal.pagination
1822-1829
dc.journal.pais
Países Bajos
dc.journal.ciudad
Amsterdam
dc.description.fil
Fil: Catania, Carlos Adrian. Universidad Nacional de Cuyo; Argentina
dc.description.fil
Fil: Bromberg, Facundo. Consejo Nacional de Investigaciones Científicas y Técnicas. Centro Científico Tecnológico Conicet - Mendoza; Argentina. Universidad Tecnológica Nacional. Facultad Regional Mendoza. Departamento de Sistemas de Información. Laboratorio DHARMA; Argentina
dc.description.fil
Fil: Garcia Garino, Carlos Gabriel. Universidad Nacional de Cuyo. Facultad de Ingeniería; Argentina. Consejo Nacional de Investigaciones Científicas y Técnicas. Centro Científico Tecnológico Conicet - Mendoza; Argentina
dc.journal.title
Expert Systems with Applications
dc.relation.alternativeid
info:eu-repo/semantics/altIdentifier/doi/http://dx.doi.org/10.1016/j.eswa.2011.08.068
Archivos asociados
Tamaño:
431.3Kb
Formato:
PDF