Show simple item record

dc.contributor.authorJuvonen, Antti
dc.contributor.authorSipola, Tuomo
dc.date.accessioned2014-04-04T07:40:21Z
dc.date.available2014-04-04T07:40:21Z
dc.date.issued2013fi
dc.identifier.citationJuvonen, A., & Sipola, T. (2013). Combining conjunctive rule extraction with diffusion maps for network intrusion detection. In <em>The Eighteenth IEEE Symposium on Computers and Communications</em> (pp. 411-416). Piscataway: IEEE. <a href="http://dx.doi.org/10.1109/ISCC.2013.6754981">doi:10.1109/ISCC.2013.6754981</a>fi
dc.identifier.otherTUTKAID_57191
dc.identifier.urihttps://jyx.jyu.fi/handle/123456789/43173
dc.description.abstractNetwork security and intrusion detection are important in the modern world where communication happens via information networks. Traditional signature-based intrusion detection methods cannot find previously unknown attacks. On the other hand, algorithms used for anomaly detection often have black box qualities that are difficult to understand for people who are not algorithm experts. Rule extraction methods create interpretable rule sets that act as classifiers. They have mostly been combined with already labeled data sets. This paper aims to combine unsupervised anomaly detection with rule extraction techniques to create an online anomaly detection framework. Unsupervised anomaly detection uses diffusion maps and clustering for labeling an unknown data set. Rule sets are created using conjunctive rule extraction algorithm. This research suggests that the combination of machine learning methods and rule extraction is a feasible way to implement network intrusion detection that is meaningful to network administrators.
dc.language.isoeng
dc.publisherIEEE
dc.relation.ispartofThe Eighteenth IEEE Symposium on Computers and Communications
dc.relation.ispartofseriesInternational Symposium on Computers and Communications
dc.subject.othertunkeutumisen havaitseminenfi
dc.subject.otherpoikkeavuuden havaitseminenfi
dc.subject.othern-grammifi
dc.subject.othersääntöjen erottaminenfi
dc.subject.otherdiffuusiokarttafi
dc.subject.othertiedon louhintafi
dc.subject.otherkoneoppiminenfi
dc.subject.otherintrusion detectionfi
dc.subject.otheranomaly detectionfi
dc.subject.othern-gramfi
dc.subject.otherrule extractionfi
dc.subject.otherdiffusion mapfi
dc.subject.otherdata miningfi
dc.subject.othermachine learningfi
dc.titleCombining conjunctive rule extraction with diffusion maps for network intrusion detectionfi
dc.identifier.urnURN:NBN:fi:jyu-201404031456
dc.contributor.laitosTietotekniikan laitosfi
dc.contributor.laitosDepartment of Mathematical Information Technologyen
dc.contributor.oppiaineTietotekniikka
dc.type.urihttp://purl.org/eprint/type/ConferencePaper
dc.date.updated2014-04-03T03:30:07Z
dc.type.coarconference paper
dc.description.reviewstatuspeerReviewed
dc.format.pagerange411-416
dc.relation.issn1530-1346
dc.type.versionacceptedVersion
dc.rights.copyright© 2013 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses. This is the authors’ postprint version of the article. The original print version appeared as: A. Juvonen and T. Sipola, “Combining conjunctive rule extraction with diffusion maps for network intrusion detection,” in In The Eighteenth IEEE Symposium on Computers and Communications (ISCC 2013). IEEE 2013.
dc.rights.accesslevelopenAccessfi
dc.relation.doi10.1109/ISCC.2013.6754981


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record