Efficient training data extraction framework for intrusion detection systems - Equipe Cybersecurity for Communication and Networking
Conference paper. Year: 2015

Efficient training data extraction framework for intrusion detection systems

Abstract

One of the most important challenges in networks of the future is how to provide security services efficiently and quickly without calling into question the conceptual model of these networks. A NIDS (Network Intrusion Detection System) is an effective approach for dealing with these security issues. NIDS detection engines use two main approaches to inspect malicious traffic: misuse detection and anomaly detection. Machine learning approaches have been widely investigated in anomaly detection systems. However, despite extensive academic research, such systems are rarely employed in operational settings. They suffer from long training times, a lack of good-quality training data and a random selection of features (training attributes). This paper aims to resolve the issues of limited quantity and quality of training data sets and investigates the impact of the feature selection process on classification performance. It introduces a novel framework to extract efficient real "ground-truth" training data sets from network traffic for supervised machine learning algorithms. We support this claim by evaluating the results on a Naive Bayesian classifier.

Domains

Computer science
Main file: 07333298.pdf (124 KB)
Origin: Files produced by the author(s)

Dates and versions

hal-01358229, version 1 (31-08-2016)

Cite

Abdelhamid Makiou, Ahmed Serhrouchni. Efficient training data extraction framework for intrusion detection systems. Network of the Future, Sep 2015, Montréal, Canada. ⟨10.1109/NOF.2015.7333298⟩. ⟨hal-01358229⟩