Redundant and irrelevant features in data have caused a long-term problem in network traffic classification. These features not only slow down the process of classification but also prevent a classifier from making accurate decisions, especially when coping with big data. In this paper, we propose a mutual information based algorithm that analytically selects the optimal feature for classification. This mutual information based feature selection algorithm can handle linearly and nonlinearly dependent data features. Its effectiveness is evaluated in the cases of network intrusion detection. An Intrusion Detection System (IDS), named Least Square Support Vector Machine based IDS (LSSVM-IDS), is built using the features selected by our proposed feature selection algorithm. The performance of LSSVM-IDS is evaluated using three intrusion detection evaluation datasets, namely KDD Cup 99, NSL-KDD and Kyoto 2006+ dataset. The evaluation results show that our feature selection algorithm contributes more critical features for LSSVM-IDS to achieve better accuracy and lower computational cost compared with the state-of-the-art methods.
the ensemble detection system involves time-consuming computation and cannot work real-time. Yu et al. [21] suggested a two-tier hierarchical detection system using SVM. The hierarchical structure and one-class SVM (i.e., Support Vector Data Description) equip it with the advantage in classifying various attacks into their appropriate classes. This detection system achieved its best attack detection rate of 99.40% using 3 selected Management Information Based (MIB) features. Statistical analysis techniques have been employed to conduct investigation into attributes of network traffic packets and to determine a rationale threshold for discriminating attacks from the legitimate traffic. Wang et al. [22] proposed a sequential Change-Point Monitoring (CPM) approach for the detection of DoS attacks. A non-parametric Cumulative Sum (CUSUM) algorithm was used in the CPM to evaluate the significance of the changes of traffic patterns and to determine the appearance of DoS attacks. The CPM is more suitable for analysing a complex network environment. Whereas in [22], CPM was only tested using SYN flooding attacks. Moreover, its performance is possibly affected by network indiscipline. Kim and Reddy [23] suggested a statistical-based approach to detect anomalies at an egress router. Discrete wavelet transform was used to transform address correlation data (i.e., the correlation of destination IP addresses, port numbers and the number of flows). This statistical-based detection technique provides a solution to detect outgoing anomalous traffic at source networks. Thatte et al. [24] developed a bivariate Parametric Detection Mechanism (bPDM) operating on aggregate traffic. The bPDM applies the Sequential Probability Ratio Test (SPRT) on two aggregate traffic statistics (i.e., packet rate and packet size), and it alleges an anomaly only when a rise in the traffic volume is associated with a change in the distribution of packet-size. Despite the afore-discussed systems or approaches show innovation and promise in different aspects of attack detection, they still suffer from relatively high false positive rates. This is partly because they either neglect the dependency and correlation between features/attributes or do not manage to fully exploit the correlation [25]. Some recent studies attempt to cope with this problem by taking full advantage of the correlation in their designs. Thottan and Ji [10] developed an abrupt change detection approach which employs statistical signal processing technique based on the Auto-Regression (AR) process. An operation matrix (A), which retained "the ensemble average of the two point spatial cross-correlation of the abnormality vectors estimated over a time interval T " [10], participated in the computation of the value of abnormality indicator. Although this detection approach has shown to be effective in detecting several network anomalies, it is still an open topic for now how to manage features with various time granularities. Jin et al. [11] proposed a statistical detection approach using...
Authentication and revocation of users inVehicular Adhoc Networks (VANETS) are two vital security aspects. It is extremely important to perform these actions promptly and efficiently. The past works addressing these issues lack in mitigating the reliance on the centralized trusted authority and therefore do not provide distributed and decentralized security. This paper proposes a blockchain based authentication and revocation framework for vehicular networks, which not only reduces the computation and communication overhead by mitigating dependency on a trusted authority for identity verification, but also speedily updates the status of revocated vehicles in the shared blockchain ledger. In the proposed framework, vehicles obtain their Pseudo IDs from the Certificate Authority (CA), which are stored along with their certificate in the immutable authentication blockchain and the pointer corresponding to the entry in blockchain, enables the Road Side Units (RSUs) to verify the identity of a vehicle on road. The efficiency and performance of the framework has been validated using the Omnet++ simulation environment.
Automatic license plate recognition (ALPR) is one of the most important aspects of applying computer techniques towards intelligent transportation systems. In order to recognize a license plate efficiently, however, the location of the license plate, in most cases, must be detected in the first place. Due to this reason, detecting the accurate location of a license plate from a vehicle image is considered to be the most crucial step of an ALPR system, which greatly affects the recognition rate and speed of the whole system. In this paper, a region-based license plate detection method is proposed. In this method, firstly, mean shift is used to filter and segment a color vehicle image in order to get candidate regions. These candidate regions are then analyzed and classified in order to decide whether a candidate region contains a license plate. Unlike other existing license plate detection methods, the proposed method focuses on regions, which demonstrates to be more robust to interference characters and more accurate when compared with other methods. r
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
customersupport@researchsolutions.com
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.