Clustering extension of MOVICAB-IDS to distinguish intrusions in flow-based data
Sánchez, Raúl
Herrero Cosío, Álvaro
Corchado, Emilio
Network intrusion detection
Network flow
Neural projection
Clustering
MOVICAB-IDS
Much effort has been devoted to research on intrusion detection (ID) in recent years because intrusion strategies and technologies are constantly and quickly evolving. As an innovative solution based on visualization, MObile VIsualisation Connectionist Agent-Based IDS (MOVICAB-IDS) was previously proposed, conceived as a hybrid-intelligent ID system. It was designed to analyse continuous network data at a packet level and is extended in the present paper for the analysis of flow-based traffic data. By incorporating clustering techniques into the original proposal, network flows are investigated in an attempt to identify different types of attacks. The analysed real-life data (the well-known dataset from the University of Twente) come from a honeypot directly connected to the Internet (thus ensuring attack exposure) and are analysed by means of clustering and neural techniques, individually and in conjunction. Promising results are obtained, proving the validity of the proposed extension for the analysis of network flow data.
2023-01-18T12:03:50Z
2017-02
info:eu-repo/semantics/article
1367-0751
http://hdl.handle.net/10259/7266
10.1093/jigpal/jzw047
1368-9894
eng
Logic Journal of the IGPL. 2017, V. 25, n. 1, p. 83-102
https://doi.org/10.1093/jigpal/jzw047
info:eu-repo/semantics/openAccess
Oxford University Press