University of Jyväskylä | JYX Digital Repository


Combining conjunctive rule extraction with diffusion maps for network intrusion detection

Accepted version
Juvonen, A., & Sipola, T. (2013). Combining conjunctive rule extraction with diffusion maps for network intrusion detection. In The Eighteenth IEEE Symposium on Computers and Communications (pp. 411-416). Piscataway: IEEE. doi:10.1109/ISCC.2013.6754981
Published in
International Symposium on Computers and Communications
Authors
Juvonen, Antti
Sipola, Tuomo
Date
2013
Discipline
Information Technology
Copyright
© 2013 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses. This is the authors’ postprint version of the article. The original print version appeared as: A. Juvonen and T. Sipola, “Combining conjunctive rule extraction with diffusion maps for network intrusion detection,” in The Eighteenth IEEE Symposium on Computers and Communications (ISCC 2013). IEEE 2013.

 
Network security and intrusion detection are important in the modern world where communication happens via information networks. Traditional signature-based intrusion detection methods cannot find previously unknown attacks. On the other hand, algorithms used for anomaly detection often have black box qualities that are difficult to understand for people who are not algorithm experts. Rule extraction methods create interpretable rule sets that act as classifiers. They have mostly been combined with already labeled data sets. This paper aims to combine unsupervised anomaly detection with rule extraction techniques to create an online anomaly detection framework. Unsupervised anomaly detection uses diffusion maps and clustering for labeling an unknown data set. Rule sets are created using a conjunctive rule extraction algorithm. This research suggests that the combination of machine learning methods and rule extraction is a feasible way to implement network intrusion detection that is meaningful to network administrators. ...
Publisher
IEEE
Is part of publication
The Eighteenth IEEE Symposium on Computers and Communications
ISSN
1530-1346
Keywords
intrusion detection; anomaly detection; n-gram; rule extraction; diffusion map; data mining; machine learning
DOI
https://doi.org/10.1109/ISCC.2013.6754981
URI

http://urn.fi/URN:NBN:fi:jyu-201404031456

Collections
  • Informaatioteknologian tiedekunta [1593]

Related items

Showing items with similar title or keywords.

  • Anomaly detection from network logs using diffusion maps 

    Sipola, Tuomo; Juvonen, Antti; Lehtonen, Joel (Springer, 2011)
    The goal of this study is to detect anomalous queries from network logs using a dimensionality reduction framework. The frequencies of 2-grams in queries are extracted to a feature matrix. Dimensionality reduction is done ...
  • Dimensionality reduction framework for detecting anomalies from network logs 

    Sipola, Tuomo; Juvonen, Antti; Lehtonen, Joel (CRL Publishing, 2012)
    Dynamic web services are vulnerable to a multitude of intrusions that could be previously unknown. Server logs contain vast amounts of information about network traffic, and finding attacks from these logs improves the ...
  • Unsupervised network intrusion detection systems for zero-day fast-spreading network attacks and botnets 

    Vahdani Amoli, Payam (University of Jyväskylä, 2015)
    Today, the occurrence of zero-day and complex attacks in high-speed networks is increasingly common due to the high number of vulnerabilities in the cyber world. As a result, intrusions become more sophisticated and fast ...
  • Evaluation of Ensemble Machine Learning Methods in Mobile Threat Detection 

    Kumar, Sanjay; Viinikainen, Ari; Hämäläinen, Timo (Infonomics Society, 2017)
    The rapidly growing trend of mobile devices continues to soar, causing a massive increase in cyber security threats. Most pervasive threats include ransom-ware, banking malware, premium SMS fraud. The solitary hackers use ...
  • Adaptive framework for network traffic classification using dimensionality reduction and clustering 

    Juvonen, Antti; Sipola, Tuomo (IEEE, 2012)
    Information security has become a very important topic especially during the last years. Web services are becoming more complex and dynamic. This offers new possibilities for attackers to exploit vulnerabilities by inputting ...
Unless otherwise specified, publicly available JYX metadata (excluding abstracts) may be freely reused under the CC0 waiver.