As a primary defense technique, intrusion detection becomes more and more significant since the security of the networks is one of the most critical issues in the world. We present an adaptive collaboration intrusion ...As a primary defense technique, intrusion detection becomes more and more significant since the security of the networks is one of the most critical issues in the world. We present an adaptive collaboration intrusion detection method to improve the safety of a network. A self-adaptive and collaborative intrusion detection model is built by applying the Environmentsclasses, agents, roles, groups, and objects(E-CARGO) model. The objects, roles, agents, and groups are designed by using decision trees(DTs) and support vector machines(SVMs), and adaptive scheduling mechanisms are set up. The KDD CUP 1999 data set is used to verify the effectiveness of the method. The experimental results demonstrate the feasibility and efficiency of the proposed collaborative and adaptive intrusion detection method. Also, the proposed method is shown to be more predominant than the methods that use a set of single type support vector machine(SVM) in terms of detection precision rate and recall rate.展开更多
Several data mining techniques such as Hidden Markov Model (HMM), artificial neural network, statistical techniques and expert systems are used to model network packets in the field of intrusion detection. In this pap...Several data mining techniques such as Hidden Markov Model (HMM), artificial neural network, statistical techniques and expert systems are used to model network packets in the field of intrusion detection. In this paper a novel intrusion detection mode based on understandable Neural Network Tree (NNTree) is pre-sented. NNTree is a modular neural network with the overall structure being a Decision Tree (DT), and each non-terminal node being an Expert Neural Network (ENN). One crucial advantage of using NNTrees is that they keep the non-symbolic model ENN’s capability of learning in changing environments. Another potential advantage of using NNTrees is that they are actually “gray boxes” as they can be interpreted easily if the num-ber of inputs for each ENN is limited. We showed through experiments that the trained NNTree achieved a simple ENN at each non-terminal node as well as a satisfying recognition rate of the network packets dataset. We also compared the performance with that of a three-layer backpropagation neural network. Experimental results indicated that the NNTree based intrusion detection model achieved better performance than the neural network based intrusion detection model.展开更多
A method that incorporates edge detection technique, Markov Random field (MRF), watershed segmentation and merging techniques was presented for performing image segmentation and edge detection tasks. It first applies ...A method that incorporates edge detection technique, Markov Random field (MRF), watershed segmentation and merging techniques was presented for performing image segmentation and edge detection tasks. It first applies edge detection technique to obtain a Difference In Strength (DIS) map. An initial segmented result is obtained based on K means clustering technique and the minimum distance. Then the region process is modeled by MRF to obtain an image that contains different intensity regions. The gradient values are calculated and then the watershed technique is used. DIS calculation is used for each pixel to define all the edges (weak or strong) in the image. The DIS map is obtained. This help as priority knowledge to know the possibility of the region segmentation by the next step (MRF), which gives an image that has all the edges and regions information. In MRF model, gray level l , at pixel location i , in an image X , depends on the gray levels of neighboring pixels. The segmentation results are improved by using watershed algorithm. After all pixels of the segmented regions are processed, a map of primitive region with edges is generated. The edge map is obtained using a merge process based on averaged intensity mean values. A common edge detectors that work on (MRF) segmented image are used and the results are compared. The segmentation and edge detection result is one closed boundary per actual region in the image.展开更多
There are inherent vulnerabilities that are not easily preventable in the mobile Ad-Hoc networks.To build a highly secure wireless Ad-Hoc network,intrusion detection and response techniques need to be deployed;The int...There are inherent vulnerabilities that are not easily preventable in the mobile Ad-Hoc networks.To build a highly secure wireless Ad-Hoc network,intrusion detection and response techniques need to be deployed;The intrusion detection and cluster-based Ad-Hoc networks has been introduced,then,an architecture for better intrusion detection based on cluster using Data Mining in wireless Ad -Hoc networks has been shown.A statistical anomaly detection approach has been used.The anomaly detection and trace analysis have been done locally in each node and possibly through cooperation with clusterhead detection in the network.展开更多
基金supported in part by the National Natural Science Foundation of China(61772141,61673123)Guangdong Provincial Science&Technology Project(2015B090901016,2016B010108007)+1 种基金Guangdong Education Department Project(Guangdong Higher Education letter 2015[133])the Guangzhou Science&Technology Project(201508010067,201604020145201604046017,and 2016201604030034)
文摘As a primary defense technique, intrusion detection becomes more and more significant since the security of the networks is one of the most critical issues in the world. We present an adaptive collaboration intrusion detection method to improve the safety of a network. A self-adaptive and collaborative intrusion detection model is built by applying the Environmentsclasses, agents, roles, groups, and objects(E-CARGO) model. The objects, roles, agents, and groups are designed by using decision trees(DTs) and support vector machines(SVMs), and adaptive scheduling mechanisms are set up. The KDD CUP 1999 data set is used to verify the effectiveness of the method. The experimental results demonstrate the feasibility and efficiency of the proposed collaborative and adaptive intrusion detection method. Also, the proposed method is shown to be more predominant than the methods that use a set of single type support vector machine(SVM) in terms of detection precision rate and recall rate.
基金Supported in part by the National Natural Science Foundation of China (No.60272046, No.60102011), Na-tional High Technology Project of China (No.2002AA143010), Natural Science Foundation of Jiangsu Province (No.BK2001042), and the Foundation for Excellent Doctoral Dissertation of Southeast Univer-sity (No.YBJJ0412).
文摘Several data mining techniques such as Hidden Markov Model (HMM), artificial neural network, statistical techniques and expert systems are used to model network packets in the field of intrusion detection. In this paper a novel intrusion detection mode based on understandable Neural Network Tree (NNTree) is pre-sented. NNTree is a modular neural network with the overall structure being a Decision Tree (DT), and each non-terminal node being an Expert Neural Network (ENN). One crucial advantage of using NNTrees is that they keep the non-symbolic model ENN’s capability of learning in changing environments. Another potential advantage of using NNTrees is that they are actually “gray boxes” as they can be interpreted easily if the num-ber of inputs for each ENN is limited. We showed through experiments that the trained NNTree achieved a simple ENN at each non-terminal node as well as a satisfying recognition rate of the network packets dataset. We also compared the performance with that of a three-layer backpropagation neural network. Experimental results indicated that the NNTree based intrusion detection model achieved better performance than the neural network based intrusion detection model.
文摘A method that incorporates edge detection technique, Markov Random field (MRF), watershed segmentation and merging techniques was presented for performing image segmentation and edge detection tasks. It first applies edge detection technique to obtain a Difference In Strength (DIS) map. An initial segmented result is obtained based on K means clustering technique and the minimum distance. Then the region process is modeled by MRF to obtain an image that contains different intensity regions. The gradient values are calculated and then the watershed technique is used. DIS calculation is used for each pixel to define all the edges (weak or strong) in the image. The DIS map is obtained. This help as priority knowledge to know the possibility of the region segmentation by the next step (MRF), which gives an image that has all the edges and regions information. In MRF model, gray level l , at pixel location i , in an image X , depends on the gray levels of neighboring pixels. The segmentation results are improved by using watershed algorithm. After all pixels of the segmented regions are processed, a map of primitive region with edges is generated. The edge map is obtained using a merge process based on averaged intensity mean values. A common edge detectors that work on (MRF) segmented image are used and the results are compared. The segmentation and edge detection result is one closed boundary per actual region in the image.
文摘There are inherent vulnerabilities that are not easily preventable in the mobile Ad-Hoc networks.To build a highly secure wireless Ad-Hoc network,intrusion detection and response techniques need to be deployed;The intrusion detection and cluster-based Ad-Hoc networks has been introduced,then,an architecture for better intrusion detection based on cluster using Data Mining in wireless Ad -Hoc networks has been shown.A statistical anomaly detection approach has been used.The anomaly detection and trace analysis have been done locally in each node and possibly through cooperation with clusterhead detection in the network.
