Statistical and Signature Analysis Methods of Intrusion Detection
Kharkiv National University of Radio Electronics, UKR. ORCID iD: 0000-0001-5975-0269
Kharkiv National University of Radio Electronics, UKR. ORCID iD: 0000-0002-2780-7993
Prince Sattam Bin Abdulaziz University, SAU. ORCID iD: 0000-0002-6586-2141
Kharkiv National University of Radio Electronics, UKR. ORCID iD: 0000-0002-2686-3854
2022 (English) In: Information Security Technologies in the Decentralized Distributed Networks / [ed] Roman Oliynykov, Oleksandr Kuznetsov, Oleksandr Lemeshko, Tamara Radivilova, Springer, 2022, p. 115-131. Chapter in book (Refereed)
Abstract [en]

Existing models and methods of intrusion detection are mostly aimed at detecting intensive attacks and do not take into account the security of computer system resources and the properties of information flows. This limits the ability to detect anomalies in computer systems and information flows in a timely manner. The latest monitoring and intrusion detection solutions must take into account self-similar and statistical traffic characteristics, deep packet analysis, and the time it takes to process the information. An analysis of the properties of traffic and data collected at nodes and in the network was performed. Based on the analysis, traffic parameters that will be used as indicators for intrusion detection were selected. A method of intrusion detection based on packet statistical analysis is described and simulated. A comparative analysis of binary classification of fractal time series by machine learning methods is performed. We consider classification by the example of different types of attack detection in traffic implementations. Random forest with regression trees and multilayer perceptron with periodic normalization were chosen as classification methods. The experimental results showed the effectiveness of the proposed methods in detecting attacks and identifying their type. All methods showed high attack detection accuracy values and low false positive values. © 2022, The Author(s), under exclusive license to Springer Nature Switzerland AG.

Place, publisher, year, edition, pages
Springer, 2022. p. 115-131
Series
Lecture Notes on Data Engineering and Communications Technologies, ISSN 23674512, E-ISSN 23674520
Keywords [en]
Attacks, Classification, Intrusion detection, Machine learning, Security, Self-similar traffic, Statistical analysis
National Category
Computer Systems
Identifiers
URN: urn:nbn:se:bth-22824; DOI: 10.1007/978-3-030-95161-0_5; Scopus ID: 2-s2.0-85127981778; ISBN: 9783030951610 (print); OAI: oai:DiVA.org:bth-22824; DiVA, id: diva2:1650626
Available from: 2022-04-07 Created: 2022-04-07 Last updated: 2022-04-21 Bibliographically approved

Open Access in DiVA

No full text in DiVA

By author/editor
Radivilova, Tamara; Kirichenko, Lyudmyla; Alghawli, Abed Saif; Ageyev, Dmytro; Mulesa, Oksana; Baranovskyi, Oleksii; Ilkov, Andrii; Kulbachnyi, Vladyslav; Bondarenko, Oleg