A Nonlinear Correlation Measure for Intrusion Detection

IEEE Computer Society
Publication Type:
Conference Proceeding
The 7th International Conference on Frontier of Computer Science and Technology (FCST-12), 2012, pp. 1 - 7
Issue Date:
Full metadata record
The popularity of the Internet supplies attackers with a new means to violate any organizations and individuals. This raises the concerns of the Internet users and research community. One of the effective solutions of addressing this issue is Intrusion Detection System (IDS), which is defined as a type of security tools used to detect any malicious behaviors on computer networks. However, IDSs are commonly prone to high false positive rates. In order to solve this technical challenge, this paper proposes an effective Nonlinear Correlation Coefficient (NCC) based measure, which can accurately extract both linear and nonlinear correlations between network traffic records, for intrusion detection. Then, we demonstrate the effectiveness of our proposed NCC-based measure in extracting correlations by comparing against the Pearsonâs Correlation Coefficient (PCC) based measure. The demonstration is conducted on KDD Cup 99 data set, and the experimental results show that our proposed NCC-based measure not only helps reduce false alarm rate, but also helps distinguish normal and abnormal behaviors efficiently.
Please use this identifier to cite or link to this item: