A Flow Based Horizontal Scan Detection Using Genetic Algorithm Approach
Citations
2843 | Genetic algorithms in search, optimization, and machine learning - Goldberg - 1989 |
1766 | Signal detection theory and psychophysics - Green, Swets - 1989 |
634 | Detection Theory: A User’s Guide - Macmillan, Creelman - 1991 |
305 | Fast portscan detection using sequential hypothesis testing - Jung, Paxson, et al. - 2004 |
193 | Practical Automated Detection of Stealthy Portscans - Staniford, Hoagland, et al. - 2002 |
22 | A software implementation of a genetic algorithm based approach to network intrusion detection - Gong, Zulkernine, et al. - 2005 |
19 | An overview of IP flow-based intrusion detection - Sperotto, Schaffrath, et al. - 2010 |
19 | Connectionless port scan detection on the backbone - Sridharan, Ye, et al. - 2006 |
10 | Surveying port scans and their detection methodologies - Bhuyan, Bhattacharyya, et al. - 2011
Citation Context ...tions between a single source and a destination (Bhuyan et al., 2011). In this paper, we proposed an approach based on genetic algorithm (GA) to identify horizontal scan attacks within a flow-based IDS. This approach is highly effective in high-speed networks as compared to methods based on packets. Application of GA in IDS research has begun since 1995 (Crosbie and Spafford, 1995). GA is beneficial due to several reasons: (1) GA optimizes multiple members in each run, in other words it is highly parallel. This way, it avoids being trapped in local minimums and it extends its search domain. (2) GA is highly adaptive; therefore it can adapt easily with changes in the network, such as changes in the extension and needs (Bankovic et al., 2009). In our approach we define two parameters: (i) number of destinations that each source visited, and (ii) number of scanned ports on that destination. GA is used to optimize weights of these parameters to achieve a performance close to optimum. Finally we compared our method with Snort. Next section reviews the previous studies on attacks detection methods based on scanning using GA. Methodology section gives a brief explanation of genetic algorit... |
10 | An Implementation of Intrusion Detection System Using Genetic Algorithm - Hoque, Mukit, et al. - 2012 |
4 | A Genetic Algorithm-based Solution for Intrusion Detection - Bankovic, Moya, et al. - 2009
Citation Context ...o the administrator. Performance of these systems highly depends on the Threshold value (Moon et al., 2010). A frequently used parameter for scan attacks is number of connections between a single source and a destination (Bhuyan et al., 2011). In this paper, we proposed an approach based on genetic algorithm (GA) to identify horizontal scan attacks within a flow-based IDS. This approach is highly effective in high-speed networks as compared to methods based on packets. Application of GA in IDS research has begun since 1995 (Crosbie and Spafford, 1995). GA is beneficial due to several reasons: (1) GA optimizes multiple members in each run, in other words it is highly parallel. This way, it avoids being trapped in local minimums and it extends its search domain. (2) GA is highly adaptive; therefore it can adapt easily with changes in the network, such as changes in the extension and needs (Bankovic et al., 2009). In our approach we define two parameters: (i) number of destinations that each source visited, and (ii) number of scanned ports on that destination. GA is used to optimize weights of these parameters to achieve a performance close to optimum. Finally we compared our method wi... |
4 | Large-scale coordinated attacks: Impact on the cloud security - Riquet, Grimaud, et al. - 2012 |
3 | Applying genetic programming to intrusion detection, Working Notes for the AAAI - Crosbie, Spafford - 1995 |
3 | Application of Genetic Algorithms for Detecting Anomaly in Network Intrusion Detection Systems - Srinivasa - 2012 |
2 | Portscan detection using NetFlow data - Grégr - 2010 |
2 | A multi-resolution approach for worm detection and containment - Sekar, Xie, et al. - 2006 |
1 | A Modified Multi-Resolution Approach for Port Scan Detection - Moon, Yi, et al. - 2010 |
1 | IGIDS: Intelligent intrusion detection system using genetic algorithms - Srinivasa, Chandra, et al. - 2011 |