An Architecture for Inline Anomaly Detection

Cited by: 5
Authors
Krueger, Tammo [1]
Gehl, Christian [1]
Rieck, Konrad [1]
Laskov, Pavel [1]
Affiliation
[1] Fraunhofer Inst FIRST, Berlin, Germany
DOI
10.1109/EC2ND.2008.8
Chinese Library Classification (CLC) number
TP3 [Computing technology, computer technology];
Discipline classification code
0812;
Abstract
In this paper we propose an intrusion prevention system (IPS) which operates inline and is capable of detecting unknown attacks using anomaly detection methods. Incorporated in the framework of a packet filter, each incoming packet is analyzed and, according to an internal connection state and a computed anomaly score, either delivered to the production system, redirected to a special hardened system, or logged to a network sink for later analysis. Run-time measurements of an actual implementation prove that the performance overhead of the system is sufficient for inline processing. Accuracy measurements on real network data yield improvements especially in the number of false positives, which are reduced by a factor of five compared to a plain anomaly detector.
Pages: 11 - 18
Number of pages: 8