文章基本信息

标题：Substantiating Anomalies In Wireless Networks Using Group Outlier Scores
本地全文：下载
作者：Sithirasenan, Elankayer ; Muthukkumarasamy, Vallipuram
期刊名称：Journal of Software
印刷版ISSN：1796-217X
出版年度：2011
卷号：6
期号：4
页码：678-689
DOI：10.4304/jsw.6.4.678-689
语种：English
出版社：Academy Publisher
摘要：Huge amounts of network traces can be collected from today’s busy computer networks. Analyzing these traces could pave the way to detect unusual conditions and/or other anomalies. Presently, due to the lack of effective substantiating mechanisms intrusion detection systems often exhibit numerous false positives or negatives. The efficiency of a network intrusion detection system (NIDS) depends very much on detecting and effectively validating the detected anomalies. Furthermore, most NIDSs do not have proven mechanisms that will easily accommodate legitimate dynamic changes. Achieving dynamic adaptation in real time has been a long standing desire for effective intrusion detection and prevention. Real time detection of outliers is a feasible option to substantiate anomalies in large data sets, leading to effective intrusion detection and prevention. In this context we propose and investigate a novel mechanism to detect intruders and to classify security threats using group outliers. Our system monitors for timing and/or behavioral anomalies and uses outlier based techniques to substantiate the anomaly. In this paper we introduce the concept of Group Outlier Score (GOS) and its use in substantiating security threats in wireless networks. We have tested the concept on our experimental wireless networking environment. The analysis of the results reveals that with a threshold value of 1.2 for GOS our system demonstrates optimum performance.
关键词：Security; Outlier Detection; Intrusion Detection; Wireless Networks