2022
DOI: 10.3390/sym14010105
|View full text |Cite
|
Sign up to set email alerts
|

An Anomaly-Based IDS Framework Using Centroid-Based Classification

Abstract: Botnet is an urgent problem that will reduce the security and availability of the network. When the bot master launches attacks to certain victims, the infected users are awakened, and attacks start according to the commands from the bot master. Via Botnet, DDoS is an attack whose purpose is to paralyze the victim’s service. In all kinds of DDoS, SYN flood is still a problem that reduces security and availability. To enhance the security of the Internet, IDS is proposed to detect attacks and protect the server… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1

Citation Types

0
3
0
1

Year Published

2022
2022
2023
2023

Publication Types

Select...
4
1

Relationship

0
5

Authors

Journals

citations
Cited by 6 publications
(4 citation statements)
references
References 29 publications
0
3
0
1
Order By: Relevance
“…It starts with a general overview of the framework, followed by a detailed explanation of how each component works. The AW updates the applicable ruleset, monitors the performance of the LID, and updates the MAD after a successful reconfiguration [24]. The MAD handles the reconfiguration of multiple LIDs, manages their lifecycle, and collects performance metrics.…”
Section: G Self-adaptable System For Intrusion Detection In Iaasmentioning
confidence: 99%
See 1 more Smart Citation
“…It starts with a general overview of the framework, followed by a detailed explanation of how each component works. The AW updates the applicable ruleset, monitors the performance of the LID, and updates the MAD after a successful reconfiguration [24]. The MAD handles the reconfiguration of multiple LIDs, manages their lifecycle, and collects performance metrics.…”
Section: G Self-adaptable System For Intrusion Detection In Iaasmentioning
confidence: 99%
“…LIDs are deployed on separate nodes and are used to collect and analyze network packets, either using anomaly-based or signature-based techniques. The AW updates the applicable ruleset, monitors the performance of the LID, and updates the MAD after a successful reconfiguration[24]. The MAD handles the reconfiguration of multiple LIDs, manages their lifecycle, and collects performance metrics.…”
mentioning
confidence: 99%
“…In this study, we present five standard binary classifiers: the k-Nearest Neighbor (k-NN), weighted k-NN (wk-NN), DT, SVM, and Feedforward Neural Network (FNN). A k-NN is the most well-known distance-based algorithm that assigns a new instance to a class to which most of its k nearest neighbors belong [12,13]. A k-NN model with k = 10 and a similarity measure is based on Euclidean distance because of its robustness to noisy data, flexibility, and easy implementation [14].…”
Section: Introductionmentioning
confidence: 99%
“…IDS sendiri terbagi menjadi dua tipe yaitu signature-based dan anomaly-based, anomalybased mengklasifikasikan serangan dengan membandingkan paket, apabila paket dirasa tidak normal maka paket akan diklasifikasi sebagai serangan. berbeda dengan anomaly-based, signature-based membandingkan paket data dengan data serangan yang telah diidentifikasi sebelumnya, sehingga anomaly-based memiliki kelebihan dapat menganalisis serangan yang tidak dikenali sebelumnya [4]. Deteksi anomali dapat dimanfaatkan untuk mengenali serangan dari pengalaman untuk mendeteksi perilaku yang tidak normal dari pengguna [5].…”
unclassified