A Network Misuse Detection Mechanism Based on Traffic Log

Yang, Yanxi; Huang, Chun-Fang; Qin, Zhijing

doi:10.1109/nswctc.2009.237

Cited by 5 publications

(1 citation statement)

References 13 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The traditional intrusion detection algorithms 4 mainly include: misuse detection and anomaly detection. Misuse detection [5][6][7] is to determine whether an event is an intrusion behavior by determining a set of rules. It has high accuracy and low false detection rate (FDR), but the deficiency is that it cannot detect unknown attacks.…”

Section: Introductionmentioning

confidence: 99%

A many‐objective integrated evolutionary algorithm for feature selection in anomaly detection

Zhang

Xie

2020

Concurrency and Computation

View full text Add to dashboard Cite

At present, irrelevant or redundant features in network traffic data occupy a lot of storage and computing resources, reducing the accuracy of network anomaly detection. Aiming at this problem, a many-objective feature selection model is proposed in this article. The model takes the number of selected feature, false alarm rate, detection rate, precision and accuracy as the optimization objectives, and characterizes the performance of the feature selection method from different perspectives. At the same time, a many-objective integration optimization algorithm (IN-MaOEA) is designed to solve this model. First, the algorithm will build the evolution strategy pool and the dominance strategy pool, then a random probability strategy selection mechanism is designed to improve the algorithm's convergence and diversity. At the same time, an anomaly detection simulation was performed using the NSL-KDD dataset. Experimental results show that the IN-MaOEA algorithm can effectively improve the performance of detection.

show abstract

Section: Introductionmentioning

confidence: 99%