An Architecture for Inline Anomaly Detection

Cited by: 5
Authors
Krueger, Tammo [1 ]
Gehl, Christian [1 ]
Rieck, Konrad [1 ]
Laskov, Pavel [1 ]
Affiliation
[1] Fraunhofer Inst FIRST, Berlin, Germany
Keywords
DOI
10.1109/EC2ND.2008.8
Chinese Library Classification number
TP3 [Computing technology, computer technology];
Discipline classification code
0812 ;
Abstract
In this paper we propose an intrusion prevention system (IPS) which operates inline and is capable of detecting unknown attacks using anomaly detection methods. Incorporated in the framework of a packet filter, each incoming packet is analyzed and, according to an internal connection state and a computed anomaly score, either delivered to the production system, redirected to a special hardened system, or logged to a network sink for later analysis. Run-time measurements of an actual implementation prove that the performance overhead of the system is sufficient for inline processing. Accuracy measurements on real network data yield improvements especially in the number of false positives, which are reduced by a factor of five compared to a plain anomaly detector.
Pages: 11 - 18
Number of pages: 8
Related papers
50 items in total
  • [31] DeepNet: A Deep Learning Architecture for Network-Based Anomaly Detection
    Zabihi, Javad
    Janeja, Vandana
    ON THE MOVE TO MEANINGFUL INTERNET SYSTEMS, OTM 2019, 2020, 11878 : 229 - 238
  • [32] PASTA: Neural Architecture Search for Anomaly Detection in Multivariate Time Series
    Trirat, Patara
    Lee, Jae-Gil
    IEEE TRANSACTIONS ON EMERGING TOPICS IN COMPUTATIONAL INTELLIGENCE, 2024,
  • [33] Efficient Anomaly Detection Methodology for Power Saving in Massive IoT Architecture
    Kumar, Palani
    D'Souza, Meenakshi
    Das, Debabrata
    DISTRIBUTED COMPUTING AND INTERNET TECHNOLOGY (ICDCIT 2018), 2018, 10722 : 256 - 262
  • [34] Anomaly Detection with Noisy and Missing Data using a Deep Learning Architecture
    Thomopoulos, Stelios C. A.
    Kyriakopoulos, Christos
    SIGNAL PROCESSING, SENSOR/INFORMATION FUSION, AND TARGET RECOGNITION XXX, 2021, 11756
  • [35] Transformer architecture based on mutual attention for image-anomaly detection
    Mengting ZHANG
    Xiuxia TIAN
    虚拟现实与智能硬件(中英文), 2023, 5 (01) : 57 - 67
  • [36] ADGAN: A Scalable GAN-based Architecture for Image Anomaly Detection
    Cheng, Haoqing
    Liu, Heng
    Gao, Fei
    Chen, Zhuo
    PROCEEDINGS OF 2020 IEEE 4TH INFORMATION TECHNOLOGY, NETWORKING, ELECTRONIC AND AUTOMATION CONTROL CONFERENCE (ITNEC 2020), 2020, : 987 - 993
  • [37] Hardware Architecture Proposal for TEDA Algorithm to Data Streaming Anomaly Detection
    Da Silva, Lucileide M. D.
    Coutinho, Maria G. F.
    Santos, Carlos E. B., Jr.
    Santos, Mailson R.
    Ruiz, M. Dolores
    Guedes, Luiz Affonso
    Fernandes, Marcelo A. C.
    IEEE ACCESS, 2021, 9 : 103141 - 103152
  • [38] A Data-Driven Method for Diagnosing ATS Architecture by Anomaly Detection
    Zhou, Aimin
    Cheng, Shaowu
    Li, Xiantong
    Li, Kui
    You, Linlin
    Cai, Ming
    SMART TRANSPORTATION SYSTEMS 2022, 2022, 304 : 85 - 93
  • [39] A Lightweight Unsupervised Learning Architecture to Enhance User Behavior Anomaly Detection
    Molina, Andre L. B.
    Goncalves, Vinicius P.
    de Sousa Jr, Rafael T.
    Pividal, Marcel
    Meneguette, Rodolfo, I
    Rocha Filho, Geraldo P.
    2022 IEEE LATIN-AMERICAN CONFERENCE ON COMMUNICATIONS (LATINCOM), 2022,
  • [40] Deep Neural Network Architecture for Anomaly Based Intrusion Detection System
    Behera, Sidharth
    Pradhan, Ayush
    Dash, Ratnakar
    2018 5TH INTERNATIONAL CONFERENCE ON SIGNAL PROCESSING AND INTEGRATED NETWORKS (SPIN), 2018, : 270 - 274