An iterative multiple sampling method for intrusion detection

Threats to network security increase with growing volumes and velocity of data across networks, and they present challenges not only to law enforcement agencies, but to businesses, families and individuals. The volume, velocity and veracity of shared data across networks entail accurate and reliable...

Bibliographic Details
Published in: Information security journal. 2018-07, Vol.27 (4), p.230-239
Main Authors: Mwitondi, Kassim S., Zargari, Shahrzad A.
Format: Article
Language: English
container_end_page 239
container_issue 4
container_start_page 230
container_title Information security journal.
container_volume 27
creator Mwitondi, Kassim S.
Zargari, Shahrzad A.
description Threats to network security increase with growing volumes and velocity of data across networks, and they present challenges not only to law enforcement agencies, but to businesses, families and individuals. The volume, velocity and veracity of shared data across networks entail accurate and reliable automated tools for filtering out useful from malicious, noisy or irrelevant data. While data mining and machine learning techniques have widely been adopted within the network security community, challenges and gaps in knowledge extraction from data have remained due to insufficient data sources on attacks on which to test the algorithms' accuracy and reliability. We propose a data-flow adaptive approach to intrusion detection based on high-dimensional cyber-attacks data. The algorithm repeatedly takes random samples from an inherently bi-modal, high-dimensional dataset of 82,332 observations on 25 numeric and two categorical variables. Its main idea is to capture subtle information resulting from reduced data dimension of a large number of malicious flows and by iteratively estimating roles played by individual variables in construction of key components. Data visualization and numerical results provide a clear separation of a set of variables associated with attack types and show that component-dominating parameters are crucial in monitoring future attacks.
doi_str_mv 10.1080/19393555.2018.1539790
format article
publisher Abingdon: Taylor & Francis
rights 2018 Taylor & Francis Group, LLC
date 2018-07-04
oa free_for_read
fulltext fulltext
identifier ISSN: 1939-3555
ispartof Information security journal., 2018-07, Vol.27 (4), p.230-239
issn 1939-3555
1939-3547
language eng
recordid cdi_proquest_journals_2129825030
source Business Source Ultimate【Trial: -2024/12/31】【Remote access available】; Taylor and Francis Science and Technology Collection
subjects Algorithms
Business law
Cross-validation
cyber security
Cybersecurity
Data mining
dimensional reduction
Filtration
intrusion detection
Intrusion detection systems
Iterative methods
Law enforcement
Machine learning
Network security
principal component analysis
Scientific visualization
title An iterative multiple sampling method for intrusion detection
url http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-02T12%3A25%3A47IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_infor&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=An%20iterative%20multiple%20sampling%20method%20for%20intrusion%20detection&rft.jtitle=Information%20security%20journal.&rft.au=Mwitondi,%20Kassim%20S.&rft.date=2018-07-04&rft.volume=27&rft.issue=4&rft.spage=230&rft.epage=239&rft.pages=230-239&rft.issn=1939-3555&rft.eissn=1939-3547&rft_id=info:doi/10.1080/19393555.2018.1539790&rft_dat=%3Cproquest_infor%3E2129825030%3C/proquest_infor%3E%3Cgrp_id%3Ecdi_FETCH-LOGICAL-c385t-54f4614eb168e23493bc7db941eb1af9d4867fc921bc93bacfef6e3dd2fd018e3%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_pqid=2129825030&rft_id=info:pmid/&rfr_iscdi=true