Intrusion Detection Systems (IDS) are now an essential element of securing computers and networks. Despite extensive research in the field, handling the reliability of sources remains an open issue. To address this problem, this paper proposes a novel contextual discounting method based on sources' reliability and their ability to distinguish between normal and abnormal behavior. Dempster-Shafer theory, a general framework for reasoning under uncertainty, is used to construct an evidential classifier. The NSL-KDD dataset, a significantly revised and improved version of the existing KDDCUP'99 dataset, provides the basis for assessing the performance of our new detection approach. While giving comparable results on the KDDTest+ dataset, our approach outperformed some other state-of-the-art methods on the more challenging KDDTest-21 dataset.