Chockalingam Karuppanchetty scite author profile

Chockalingam Karuppanchetty

3Publications

5Citation Statements Received

36Citation Statements Given

How they've been cited

How they cite others

Affiliations

University of Alabama in Huntsville

Publications

Order By: Most citations

Artificially Augmented Training for Anomaly-based Network Intrusion Detection Systems

Karuppanchetty¹,

Edmonds²,

Kim³

et al. 2015

IJCNIS

View full text Add to dashboard Cite

Attacks on web servers are becoming increasingly prevalent; the resulting social and economic impact of successful attacks is also exacerbated by our dependency on web-based applications. There are many existing attack detection and prevention schemes, which must be carefully configured to ensure their efficacy. In this paper, we present a study challenges that arise in training network payload anomaly detection schemes that utilize collected network traffic for tuning and configuration. The advantage of anomaly-based intrusion detection is in its potential for detecting zero day attacks. These types of schemes, however, require extensive training to properly model the normal characteristics of the system being protected. Usually, training is done through the use of real data collected by monitoring the activity of the system. In practice, network operators or administrators may run into cases where they have limited availability of such data. This issue can arise due to the system being newly deployed (or heavily modified) or due to the content or behavior that leads to normal characterization having been changed. We show that artificially generated packet payloads can be used to effectively augment the training and tuning. We evaluate the method using real network traffic collected at a server site; We illustrate the problem at first (use of highly variable and unsuitable training data resulting in high false positives of 3.6∼10%), then show improvements using the augmented training method (false positives as low as 0.2%). We also measure the impact on network performance, and present a lookup based optimization that can be used to improve latency and throughput.

show abstract

Efficient tuning methodologies for a network payload anomaly inspection scheme

Edmonds

Kim

MacIntyre

et al. 2016

View full text Add to dashboard Cite

Consumers and service providers are both becoming increasingly concerned about new, never-before-seen attacks. Anomaly-based intrusion prevention is an important part of cybersecurity, which offers the possibility of detecting some zeroday attacks. Typically, detection speed and efficacy (in terms of true and false positives) are considered in evaluating intrusion detection schemes. However, effective configuration (training and tuning) is critical for deployment of such schemes in practice. As network traffic may shift over time, the ability to perform fast reconfiguration is needed to provide the level of security necessary for future applications. We present parallel mapping and genetic algorithms-based approaches, which can be used to achieve rapid training and tuning for a highly efficient payload-based anomaly detection algorithm.

show abstract

Using artificial packets for training network payload anomaly detection systems

Karuppanchetty

Edmonds

Kim

2015

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.