The Complex Method of Intrusion Detection Based on Anomaly Detection and Misuse Detection

Tamara Radivilova; Lyudmyla Kirichenko; Abed Saif Alghawli; Andrii Ilkov; Maxim Tawalbeh; Petro Zinchenko

doi:10.1109/DESSERT50317.2020.9125051

The Complex Method of Intrusion Detection Based on Anomaly Detection and Misuse Detection

Tamara Radivilova, Lyudmyla Kirichenko, Abed Saif Alghawli, Andrii Ilkov, Maxim Tawalbeh, Petro Zinchenko

Computer Sciences

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

14 Scopus citations

Abstract

Intrusion detection is an important task on network cybersecurity. Intrusion detection systems solve this problem by using various methods. An analysis of the relevant works that offer possible solutions are presented, and a description of the proposed complex method that allows online identification of attacks is provided. The proposed complex method based on the joint application of the signature analysis method, entropy protocols analysis method, and machine learning method for behavior traffic analysis. The probability of intrusion detection used and based on the confusion matrix, the completeness, and the F-measure. There is a problem not only to detect the attacks but to identify the type of ones. Many attacks can be detected by using the proposed complex method, but also, this method allows to identify the type of attack and choose the type of defenses. The proposed complex method was compared to existing methods. Simulation results have shown that the proposed method better identifies attacks and has fewer false positives detections.

Original language	English
Title of host publication	Proceedings - 2020 IEEE 11th International Conference on Dependable Systems, Services and Technologies, DESSERT 2020
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	133-137
Number of pages	5
ISBN (Electronic)	9781728199573
DOIs	https://doi.org/10.1109/DESSERT50317.2020.9125051
State	Published - May 2020
Event	11th IEEE International Conference on Dependable Systems, Services and Technologies, DESSERT 2020 - Kyiv, Ukraine Duration: 14 May 2020 → 18 May 2020

Publication series

Name	Proceedings - 2020 IEEE 11th International Conference on Dependable Systems, Services and Technologies, DESSERT 2020

Conference

Conference	11th IEEE International Conference on Dependable Systems, Services and Technologies, DESSERT 2020
Country/Territory	Ukraine
City	Kyiv
Period	14/05/20 → 18/05/20

Keywords

anomaly detection
attacks
behavior method
complex method
entropy analysis
Intrusion detection system
machine learning
signature analysis

Access to Document

10.1109/DESSERT50317.2020.9125051

Cite this

Radivilova, T., Kirichenko, L., Alghawli, A. S., Ilkov, A., Tawalbeh, M., & Zinchenko, P. (2020). The Complex Method of Intrusion Detection Based on Anomaly Detection and Misuse Detection. In Proceedings - 2020 IEEE 11th International Conference on Dependable Systems, Services and Technologies, DESSERT 2020 (pp. 133-137). Article 9125051 (Proceedings - 2020 IEEE 11th International Conference on Dependable Systems, Services and Technologies, DESSERT 2020). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/DESSERT50317.2020.9125051

Radivilova, Tamara ; Kirichenko, Lyudmyla ; Alghawli, Abed Saif et al. / The Complex Method of Intrusion Detection Based on Anomaly Detection and Misuse Detection. Proceedings - 2020 IEEE 11th International Conference on Dependable Systems, Services and Technologies, DESSERT 2020. Institute of Electrical and Electronics Engineers Inc., 2020. pp. 133-137 (Proceedings - 2020 IEEE 11th International Conference on Dependable Systems, Services and Technologies, DESSERT 2020).

@inproceedings{baea207597cf418ea924aa1b31b27e0d,

title = "The Complex Method of Intrusion Detection Based on Anomaly Detection and Misuse Detection",

abstract = "Intrusion detection is an important task on network cybersecurity. Intrusion detection systems solve this problem by using various methods. An analysis of the relevant works that offer possible solutions are presented, and a description of the proposed complex method that allows online identification of attacks is provided. The proposed complex method based on the joint application of the signature analysis method, entropy protocols analysis method, and machine learning method for behavior traffic analysis. The probability of intrusion detection used and based on the confusion matrix, the completeness, and the F-measure. There is a problem not only to detect the attacks but to identify the type of ones. Many attacks can be detected by using the proposed complex method, but also, this method allows to identify the type of attack and choose the type of defenses. The proposed complex method was compared to existing methods. Simulation results have shown that the proposed method better identifies attacks and has fewer false positives detections.",

keywords = "anomaly detection, attacks, behavior method, complex method, entropy analysis, Intrusion detection system, machine learning, signature analysis",

author = "Tamara Radivilova and Lyudmyla Kirichenko and Alghawli, \{Abed Saif\} and Andrii Ilkov and Maxim Tawalbeh and Petro Zinchenko",

note = "Publisher Copyright: {\textcopyright} 2020 IEEE.; 11th IEEE International Conference on Dependable Systems, Services and Technologies, DESSERT 2020 ; Conference date: 14-05-2020 Through 18-05-2020",

year = "2020",

month = may,

doi = "10.1109/DESSERT50317.2020.9125051",

language = "English",

series = "Proceedings - 2020 IEEE 11th International Conference on Dependable Systems, Services and Technologies, DESSERT 2020",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "133--137",

booktitle = "Proceedings - 2020 IEEE 11th International Conference on Dependable Systems, Services and Technologies, DESSERT 2020",

address = "United States",

}

Radivilova, T, Kirichenko, L, Alghawli, AS, Ilkov, A, Tawalbeh, M & Zinchenko, P 2020, The Complex Method of Intrusion Detection Based on Anomaly Detection and Misuse Detection. in Proceedings - 2020 IEEE 11th International Conference on Dependable Systems, Services and Technologies, DESSERT 2020., 9125051, Proceedings - 2020 IEEE 11th International Conference on Dependable Systems, Services and Technologies, DESSERT 2020, Institute of Electrical and Electronics Engineers Inc., pp. 133-137, 11th IEEE International Conference on Dependable Systems, Services and Technologies, DESSERT 2020, Kyiv, Ukraine, 14/05/20. https://doi.org/10.1109/DESSERT50317.2020.9125051

The Complex Method of Intrusion Detection Based on Anomaly Detection and Misuse Detection. / Radivilova, Tamara; Kirichenko, Lyudmyla; Alghawli, Abed Saif et al.
Proceedings - 2020 IEEE 11th International Conference on Dependable Systems, Services and Technologies, DESSERT 2020. Institute of Electrical and Electronics Engineers Inc., 2020. p. 133-137 9125051 (Proceedings - 2020 IEEE 11th International Conference on Dependable Systems, Services and Technologies, DESSERT 2020).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - The Complex Method of Intrusion Detection Based on Anomaly Detection and Misuse Detection

AU - Radivilova, Tamara

AU - Kirichenko, Lyudmyla

AU - Alghawli, Abed Saif

AU - Ilkov, Andrii

AU - Tawalbeh, Maxim

AU - Zinchenko, Petro

PY - 2020/5

Y1 - 2020/5

N2 - Intrusion detection is an important task on network cybersecurity. Intrusion detection systems solve this problem by using various methods. An analysis of the relevant works that offer possible solutions are presented, and a description of the proposed complex method that allows online identification of attacks is provided. The proposed complex method based on the joint application of the signature analysis method, entropy protocols analysis method, and machine learning method for behavior traffic analysis. The probability of intrusion detection used and based on the confusion matrix, the completeness, and the F-measure. There is a problem not only to detect the attacks but to identify the type of ones. Many attacks can be detected by using the proposed complex method, but also, this method allows to identify the type of attack and choose the type of defenses. The proposed complex method was compared to existing methods. Simulation results have shown that the proposed method better identifies attacks and has fewer false positives detections.

AB - Intrusion detection is an important task on network cybersecurity. Intrusion detection systems solve this problem by using various methods. An analysis of the relevant works that offer possible solutions are presented, and a description of the proposed complex method that allows online identification of attacks is provided. The proposed complex method based on the joint application of the signature analysis method, entropy protocols analysis method, and machine learning method for behavior traffic analysis. The probability of intrusion detection used and based on the confusion matrix, the completeness, and the F-measure. There is a problem not only to detect the attacks but to identify the type of ones. Many attacks can be detected by using the proposed complex method, but also, this method allows to identify the type of attack and choose the type of defenses. The proposed complex method was compared to existing methods. Simulation results have shown that the proposed method better identifies attacks and has fewer false positives detections.

KW - anomaly detection

KW - attacks

KW - behavior method

KW - complex method

KW - entropy analysis

KW - Intrusion detection system

KW - machine learning

KW - signature analysis

UR - http://www.scopus.com/inward/record.url?scp=85087885100&partnerID=8YFLogxK

U2 - 10.1109/DESSERT50317.2020.9125051

DO - 10.1109/DESSERT50317.2020.9125051

M3 - Conference contribution

AN - SCOPUS:85087885100

T3 - Proceedings - 2020 IEEE 11th International Conference on Dependable Systems, Services and Technologies, DESSERT 2020

SP - 133

EP - 137

BT - Proceedings - 2020 IEEE 11th International Conference on Dependable Systems, Services and Technologies, DESSERT 2020

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 11th IEEE International Conference on Dependable Systems, Services and Technologies, DESSERT 2020

Y2 - 14 May 2020 through 18 May 2020

ER -

Radivilova T, Kirichenko L, Alghawli AS, Ilkov A, Tawalbeh M, Zinchenko P. The Complex Method of Intrusion Detection Based on Anomaly Detection and Misuse Detection. In Proceedings - 2020 IEEE 11th International Conference on Dependable Systems, Services and Technologies, DESSERT 2020. Institute of Electrical and Electronics Engineers Inc. 2020. p. 133-137. 9125051. (Proceedings - 2020 IEEE 11th International Conference on Dependable Systems, Services and Technologies, DESSERT 2020). doi: 10.1109/DESSERT50317.2020.9125051

The Complex Method of Intrusion Detection Based on Anomaly Detection and Misuse Detection

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this