Intrusion Detection Research Papers

Intrusion Detection Research Papers-58
As most of these technologies share the same communication networks, many challenges have emerged; extensive data, traffic diversity and encryption.Such challenges made the identification of threats to develop the right protective measure a very difficult task.This work investigates how adapting the discriminating threshold of model predictions, specifically to the evaluated traffic, improves the detection rates of these intrusion detection models.

As most of these technologies share the same communication networks, many challenges have emerged; extensive data, traffic diversity and encryption.Such challenges made the identification of threats to develop the right protective measure a very difficult task.This work investigates how adapting the discriminating threshold of model predictions, specifically to the evaluated traffic, improves the detection rates of these intrusion detection models.

These differences can take various forms; for example, class distributions might differ in the new data from those used to build the ID model, and even new classes might emerge over time.

In addition, class balance (also known as data balance) can play an important role in the accuracy of constructed models, which could be affected as a result of pattern changes.

These phenomena are usually caused by the changes in network patterns, and lead to an early phasing out of such a model and a triggering of model regeneration or updating phase.

This could be linked to the inefficiency of using a fixed discriminating threshold for such ID models.

In Section 6, we present and thoroughly discuss the results of the first set of experiments that aimed to serve as a proof of concept.

In Section 7, we discuss the results of the second set of experiments that investigated threshold adaptation under different feature sets and data balance scenarios.

The effects of threshold adaptation on improving accuracy were statistically analysed.

Of the three compared algorithms, Random Forest was the most adaptable and had the highest detection rates.

In Section 2, we describe the problem that we address in this paper.

In Section 3, we discuss related work for threshold adaptation techniques, applications and main research gap.

SHOW COMMENTS

Comments Intrusion Detection Research Papers

The Latest from www.gribokinfo.ru ©