An Architecture for Inline Anomaly Detection

Cited by: 5
Authors
Krueger, Tammo [1 ]
Gehl, Christian [1 ]
Rieck, Konrad [1 ]
Laskov, Pavel [1 ]
Affiliation
[1] Fraunhofer Inst FIRST, Berlin, Germany
Keywords
DOI
10.1109/EC2ND.2008.8
Chinese Library Classification number
TP3 [Computing technology, computer technology];
Discipline classification code
0812 ;
Abstract
In this paper we propose an intrusion prevention system (IPS) which operates inline and is capable of detecting unknown attacks using anomaly detection methods. Incorporated in the framework of a packet filter, each incoming packet is analyzed and - according to an internal connection state and a computed anomaly score - either delivered to the production system, redirected to a special hardened system, or logged to a network sink for later analysis. Run-time measurements of an actual implementation prove that the performance overhead of the system is sufficient for inline processing. Accuracy measurements on real network data yield improvements especially in the number of false positives, which are reduced by a factor of five compared to a plain anomaly detector.
Pages: 11 / 18
Number of pages: 8