Loughborough University
Leicestershire, UK
LE11 3TU
+44 (0)1509 263171
Loughborough University

Loughborough University Institutional Repository

Please use this identifier to cite or link to this item: https://dspace.lboro.ac.uk/2134/27956

Title: Using the pattern-of-life in networks to improve the effectiveness of intrusion detection systems
Authors: Aparicio-Navarro, Francisco J.
Chambers, Jonathon
Kyriakopoulos, Konstantinos G.
Gong, Yu
Parish, David J.
Keywords: Contextual information
Dempster-Shafer theory
Fuzzy cognitive maps
Intrusion detection systems
Network security
Pattern of life
Port scanning attack
Issue Date: 2017
Publisher: © Institute of Electrical and Electronics Engineers (IEEE)
Citation: APARICIO-NAVARRO, F.J. ...et al., 2017. Using the pattern-of-life in networks to improve the effectiveness of intrusion detection systems. Presented at the IEEE International Conference on Communications (ICC) 2017, Paris, France, 21-25th May.
Abstract: © 2017 IEEE. As the complexity of cyber-attacks keeps increasing, new and more robust detection mechanisms need to be developed. The next generation of Intrusion Detection Systems (IDSs) should be able to adapt their detection characteristics based not only on the measureable network traffic, but also on the available highlevel information related to the protected network to improve their detection results. We make use of the Pattern-of-Life (PoL) of a network as the main source of high-level information, which is correlated with the time of the day and the usage of the network resources. We propose the use of a Fuzzy Cognitive Map (FCM) to incorporate the PoL into the detection process. The main aim of this work is to evidence the improved the detection performance of an IDS using an FCM to leverage on network related contextual information. The results that we present verify that the proposed method improves the effectiveness of our IDS by reducing the total number of false alarms; providing an improvement of 9.68% when all the considered metrics are combined and a peak improvement of up to 35.64%, depending on particular metric combination.
Description: Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
Sponsor: This work was supported by the Engineering and Physical Sciences Research Council (EPSRC) Grant number EP/K014307/2 and the MOD University Defence Research Collaboration in Signal Processing.
Version: Accepted for publication
DOI: 10.1109/ICC.2017.7997374
URI: https://dspace.lboro.ac.uk/2134/27956
Publisher Link: https://doi.org/10.1109/ICC.2017.7997374
ISBN: 9781467389990
ISSN: 1550-3607
Appears in Collections:Conference Papers and Presentations (Mechanical, Electrical and Manufacturing Engineering)

Files associated with this item:

File Description SizeFormat
Kostos_CAMERA_READY_Using the Pattern-of-Life.pdfAccepted version932.68 kBAdobe PDFView/Open


SFX Query

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.