A Nonlinear Correlation Measure for Intrusion Detection

Ambu Saidi, MA; Lu, L; Tan, T; He, S; Jamdagni, A; Nanda, P

A Nonlinear Correlation Measure for Intrusion Detection

Ambu Saidi, MA Lu, L Tan, T He, S

Jamdagni, A Nanda, P

Permalink

Publisher:: IEEE Computer Society
Publication Type:: Conference Proceeding
Citation:: The 7th International Conference on Frontier of Computer Science and Technology (FCST-12), 2012, pp. 1 - 7
Issue Date:: 2012-01

Open Access

Copyright Clearance Process

Recently Added
In Progress
Open Access

This item is open access.

Adobe PDF

Download full textAdobe PDF (380.34 kB)

View statistics

Full metadata record

Field	Value	Language
dc.contributor.author	Ambu Saidi, MA	en_US
dc.contributor.author	Lu, L	en_US
dc.contributor.author	Tan, T	en_US
dc.contributor.author	He, S https://orcid.org/0000-0001-8962-540X	en_US
dc.contributor.author	Jamdagni, A	en_US
dc.contributor.author	Nanda, P https://orcid.org/0000-0002-5748-155X	en_US
dc.contributor.editor	Ambusaidi, M	en_US
dc.contributor.editor	Lu, LF	en_US
dc.contributor.editor	He, X	en_US
dc.contributor.editor	Tan, Z	en_US
dc.contributor.editor	Jamdagni, A	en_US
dc.contributor.editor	Nanda, P https://orcid.org/0000-0002-5748-155X	en_US
dc.date	2012-11-21	en_US
dc.date.issued	2012-01	en_US
dc.identifier.citation	The 7th International Conference on Frontier of Computer Science and Technology (FCST-12), 2012, pp. 1 - 7	en_US
dc.identifier.uri	http://hdl.handle.net/10453/33276
dc.description.abstract	The popularity of the Internet supplies attackers with a new means to violate any organizations and individuals. This raises the concerns of the Internet users and research community. One of the effective solutions of addressing this issue is Intrusion Detection System (IDS), which is defined as a type of security tools used to detect any malicious behaviors on computer networks. However, IDSs are commonly prone to high false positive rates. In order to solve this technical challenge, this paper proposes an effective Nonlinear Correlation Coefficient (NCC) based measure, which can accurately extract both linear and nonlinear correlations between network traffic records, for intrusion detection. Then, we demonstrate the effectiveness of our proposed NCC-based measure in extracting correlations by comparing against the Pearsonâs Correlation Coefficient (PCC) based measure. The demonstration is conducted on KDD Cup 99 data set, and the experimental results show that our proposed NCC-based measure not only helps reduce false alarm rate, but also helps distinguish normal and abnormal behaviors efficiently.	en_US
dc.publisher	IEEE Computer Society	en_US
dc.relation.ispartof	The 7th International Conference on Frontier of Computer Science and Technology (FCST-12)	en_US
dc.relation.ispartof	International Conference on Frontier of Computer Science and Technology	en_US
dc.rights	© 2012 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.	en_US
dc.title	A Nonlinear Correlation Measure for Intrusion Detection	en_US
dc.type	Conference Proceeding
utslib.location	Suzhou, China	en_US
utslib.location.activity	Suzhou, China	en_US
utslib.for	0806 Information Systems	en_US
dc.location.activity	Suzhou, China
pubs.embargo.period	Not known	en_US
pubs.organisational-group	/University of Technology Sydney
pubs.organisational-group	/University of Technology Sydney/Faculty of Engineering and Information Technology
pubs.organisational-group	/University of Technology Sydney/Faculty of Engineering and Information Technology/School of Electrical and Data Engineering
pubs.organisational-group	/University of Technology Sydney/Strength - CRIN - Realtime Information Networks
pubs.organisational-group	/University of Technology Sydney/Strength - GBDTC - Global Big Data Technologies
pubs.organisational-group	/University of Technology Sydney/Strength - INEXT - Innovation in IT Services and Applications
utslib.copyright.status	open_access
pubs.consider-herdc	true	en_US
pubs.finish-date	2012-11-23	en_US
pubs.place-of-publication	Suzhou, China	en_US
pubs.start-date	2012-11-21	en_US

Abstract:

The popularity of the Internet supplies attackers with a new means to violate any organizations and individuals. This raises the concerns of the Internet users and research community. One of the effective solutions of addressing this issue is Intrusion Detection System (IDS), which is defined as a type of security tools used to detect any malicious behaviors on computer networks. However, IDSs are commonly prone to high false positive rates. In order to solve this technical challenge, this paper proposes an effective Nonlinear Correlation Coefficient (NCC) based measure, which can accurately extract both linear and nonlinear correlations between network traffic records, for intrusion detection. Then, we demonstrate the effectiveness of our proposed NCC-based measure in extracting correlations by comparing against the Pearsonâs Correlation Coefficient (PCC) based measure. The demonstration is conducted on KDD Cup 99 data set, and the experimental results show that our proposed NCC-based measure not only helps reduce false alarm rate, but also helps distinguish normal and abnormal behaviors efficiently.

Please use this identifier to cite or link to this item:

http://hdl.handle.net/10453/33276