Reference : A training-resistant anomaly detection system
Scientific journals : Article
Engineering, computing & technology : Computer science
Security, Reliability and Trust
http://hdl.handle.net/10993/36142
A training-resistant anomaly detection system
Muller, Steve [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC)]
Lancrenon, Jean [itrust consulting s.à r.l., Niederanven, Luxembourg]
Harpes, Carlo [itrust consulting s.à r.l., Niederanven, Luxembourg]
Le Traon, Yves [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)]
Gombault, Sylvain [IMT Atlantique, IRISA, UBL, Rennes, Bretagne, France]
Bonnin, Jean-Marie [IMT Atlantique, IRISA, UBL, Rennes, Bretagne, France]
2018
Computers & Security
Elsevier Ltd
76
1-11
Yes (verified by ORBilu)
International
0167-4048
[en] Anomaly detection ; Intrusion detection system ; Machine learning ; Network security ; Training attack ; Artificial intelligence ; Computer crime ; Denial-of-service attack ; Learning systems ; Mercury (metal) ; Telecommunication traffic ; Anomaly detection systems ; Denial of Service ; Detection scheme ; Intrusion Detection Systems ; Learning process ; Network intrusion detection systems ; Traffic anomalies ; Intrusion detection
[en] Modern network intrusion detection systems rely on machine learning techniques to detect traffic anomalies and thus intruders. However, the ability to learn the network behaviour in real-time comes at a cost: malicious software can interfere with the learning process, and teach the intrusion detection system to accept dangerous traffic. This paper presents an intrusion detection system (IDS) that is able to detect common network attacks including, but not limited to, denial-of-service, bot nets, intrusions, and network scans. With the help of the proposed example IDS, we show to what extent the training attack (and more sophisticated variants of it) has an impact on machine learning based detection schemes, and how it can be detected. © 2018 Elsevier Ltd
10.1016/j.cose.2018.02.015

File(s) associated to this reference

Fulltext file(s):

File | Commentary | Version | Size | Access
preprint.pdf | | Author preprint | 545.46 kB | Open access


All documents in ORBilu are protected by a user license.