Abstract
Intrusion detection is an important part of assuring the reliability of computer systems. Different intrusion detection approaches vary with different patterns used and different intrusions addressed. However, what patterns are effective in constructing a detection system is still a challenge. This paper attempts to apply the traditional covariance matrix concept to the detection of multiple known and unknown network anomalies. With respect to the initiation of typical flood-based network intrusions, the proposed approach takes the measure of covariance matrix to reflect the changes of sequential correlativity of the network traffic when flood-based attacks happen. The differences among covariance matrices of network samples collected in temporal sequences of fixed and equal length are directly evaluated to detect multiple network anomalies. Extensive experiments on the subset of KDDCUP 1999 dataset show that the covariance matrix, as a new pattern, can be directly utilized to construct an effective detection system for flood-based attacks. It also points out that utilizing the covariance matrix in the detection of flood-based attacks can achieve higher performance over traditional approaches.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: International Journal of Pattern Recognition and Artificial Intelligence
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
