Nowadays, network intrusion detectors mainly rely on knowledge databases to detect suspicious traffic. These databases have to be continuously updated, which requires important human resources and time. Unsupervised network anomaly detectors overcome this issue by using "intelligent" techniques to identify anomalies without any prior knowledge. However, these systems are often very complex as they need to explore the network traffic to identify flow patterns. Therefore, they are often unable to meet real-time requirements. In this paper, we present a new Online and Real-time Unsupervised Network Anomaly Detection Algorithm: ORUNADA. Our solution relies on a discrete time-sliding window to update continuously the feature space and an incremental grid clustering to detect rapidly the anomalies. The evaluations showed that ORUNADA can process online large network traffic while ensuring a low detection delay and good detection performance. The experiments performed on the traffic of a core network of a Spanish intermediate Internet service provider demonstrated that ORUNADA detects in less than half a second an anomaly after its occurrence. Furthermore, the results highlight that our solution outperforms in terms of TPR and FPR existing techniques reported in the literature.
Network anomaly detection relies on intrusion detection systems based on knowledge databases. However, building this knowledge may take time as it requires manual inspection of experts. Actual detection systems are unable to deal with 0-day attack or new user's behavior and in consequence they may fail in correctly detecting intrusions. Unsupervised network anomaly detectors overcome this issue as no previous knowledge is required. In counterpart, these systems may be very slow as they need to learn traffic's pattern in order to acquire the necessary knowledge to detect anomalous flows. To improve speed, these systems are often only exposed to sampled traffic, harmful traffic may then avoid the detector examination. In this paper, we propose to take advantage of new distributed computing framework in order to speed up an Unsupervised Network Anomaly Detector Algorithm, UNADA. The evaluation shows that the execution time can be improved by a factor of 13 allowing UNADA to process large traces of traffic in real time.
Wireless Mobile ad hoc network (MANET) has become an exciting and important technology in recent years because of a rapid proliferation of wireless devices. MANET is a self-organizing network of wireless links connecting mobile nodes. MANET's technology offers both new challenges and opportunities for many applications. One of the major challenges for ad hoc technology is routing security, due essentially to MANET features (e.g., open medium, lack of centralized management, nodes mobility). In this paper, we propose ASRP, an efficient secure routing protocol to ensure the routing security in ad hoc networks. ASRP provides powerful security extensions to the reactive AODV protocol, based on modified secure remote password protocol and Diffie-Hellman (DH) algorithms. The simulation results show the efficiency of the proposed ASRP protocol, and its cost towards both the users and the network.

• Packet Delivery Ratio: it is the rate of packets successfully delivered. This metric represents the percentage