Improving network intrusion detection with extended KDD features

Edward Paul Guillén; Jhordany Rodríguez Parra; Rafael Vicente Paéz Mendez

doi:10.1007/978-94-007-6818-5_30

Improving network intrusion detection with extended KDD features

Edward Paul Guillén
, Jhordany Rodríguez Parra
, Rafael Vicente Paéz Mendez

Universidad Militar Nueva Granada

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

3 Scopus citations

Abstract

In order to analyze results of anomaly detection methods for Network Intrusion Detection Systems, the DARPA KDD data set have been widely analyzed but their data are outdated for most kinds of attacks. A software called Spleen designed to get data from a tested network with the same structure of DARPA data set is introduced. The application is used to complete the data set with additional features according to an attack analysis. Finally, to show advantages of an extended data set, two genetic methods in the detection of non-content based attacks are tested.

Original language	English
Title of host publication	IAENG Transactions on Engineering Technologies - Special Issue of the World Congress on Engineering and Computer Science 2012
Publisher	Springer Verlag
Pages	431-445
Number of pages	15
ISBN (Print)	9789400768178
DOIs	https://doi.org/10.1007/978-94-007-6818-5_30
State	Published - 2014
Event	World Congress on Engineering and Computer Science, WCECS 2012 - San Francisco, CA, United States Duration: 24 Oct 2012 → 26 Oct 2012

Publication series

Name	Lecture Notes in Electrical Engineering
Volume	247 LNEE
ISSN (Print)	1876-1100
ISSN (Electronic)	1876-1119

Conference

Conference	World Congress on Engineering and Computer Science, WCECS 2012
Country/Territory	United States
City	San Francisco, CA
Period	24/10/12 → 26/10/12

Keywords

Adaptative algorithm
Genetic algorithms
Information security
Intrusion detection
Machine learning
TCPIP

Access to Document

10.1007/978-94-007-6818-5_30

Cite this

Guillén, E. P., Rodríguez Parra, J., & Paéz Mendez, R. V. (2014). Improving network intrusion detection with extended KDD features. In IAENG Transactions on Engineering Technologies - Special Issue of the World Congress on Engineering and Computer Science 2012 (pp. 431-445). (Lecture Notes in Electrical Engineering; Vol. 247 LNEE). Springer Verlag. https://doi.org/10.1007/978-94-007-6818-5_30

@inproceedings{5eec0794a9b14926a73e5dbf04789df2,

title = "Improving network intrusion detection with extended KDD features",

abstract = "In order to analyze results of anomaly detection methods for Network Intrusion Detection Systems, the DARPA KDD data set have been widely analyzed but their data are outdated for most kinds of attacks. A software called Spleen designed to get data from a tested network with the same structure of DARPA data set is introduced. The application is used to complete the data set with additional features according to an attack analysis. Finally, to show advantages of an extended data set, two genetic methods in the detection of non-content based attacks are tested.",

keywords = "Adaptative algorithm, Genetic algorithms, Information security, Intrusion detection, Machine learning, TCPIP",

author = "Guill{\'e}n, \{Edward Paul\} and \{Rodr{\'i}guez Parra\}, Jhordany and \{Pa{\'e}z Mendez\}, \{Rafael Vicente\}",

note = "Funding Information: This work was possible with the support of Military University Doctoral Support Program, and Javeriana University Doctoral Program.; World Congress on Engineering and Computer Science, WCECS 2012 ; Conference date: 24-10-2012 Through 26-10-2012",

year = "2014",

doi = "10.1007/978-94-007-6818-5\_30",

language = "English",

isbn = "9789400768178",

series = "Lecture Notes in Electrical Engineering",

publisher = "Springer Verlag",

pages = "431--445",

booktitle = "IAENG Transactions on Engineering Technologies - Special Issue of the World Congress on Engineering and Computer Science 2012",

address = "Germany",

}

Guillén, EP, Rodríguez Parra, J & Paéz Mendez, RV 2014, Improving network intrusion detection with extended KDD features. in IAENG Transactions on Engineering Technologies - Special Issue of the World Congress on Engineering and Computer Science 2012. Lecture Notes in Electrical Engineering, vol. 247 LNEE, Springer Verlag, pp. 431-445, World Congress on Engineering and Computer Science, WCECS 2012, San Francisco, CA, United States, 24/10/12. https://doi.org/10.1007/978-94-007-6818-5_30

Improving network intrusion detection with extended KDD features. / Guillén, Edward Paul; Rodríguez Parra, Jhordany; Paéz Mendez, Rafael Vicente.
IAENG Transactions on Engineering Technologies - Special Issue of the World Congress on Engineering and Computer Science 2012. Springer Verlag, 2014. p. 431-445 (Lecture Notes in Electrical Engineering; Vol. 247 LNEE).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Improving network intrusion detection with extended KDD features

AU - Guillén, Edward Paul

AU - Rodríguez Parra, Jhordany

AU - Paéz Mendez, Rafael Vicente

N1 - Funding Information: This work was possible with the support of Military University Doctoral Support Program, and Javeriana University Doctoral Program.

PY - 2014

Y1 - 2014

N2 - In order to analyze results of anomaly detection methods for Network Intrusion Detection Systems, the DARPA KDD data set have been widely analyzed but their data are outdated for most kinds of attacks. A software called Spleen designed to get data from a tested network with the same structure of DARPA data set is introduced. The application is used to complete the data set with additional features according to an attack analysis. Finally, to show advantages of an extended data set, two genetic methods in the detection of non-content based attacks are tested.

AB - In order to analyze results of anomaly detection methods for Network Intrusion Detection Systems, the DARPA KDD data set have been widely analyzed but their data are outdated for most kinds of attacks. A software called Spleen designed to get data from a tested network with the same structure of DARPA data set is introduced. The application is used to complete the data set with additional features according to an attack analysis. Finally, to show advantages of an extended data set, two genetic methods in the detection of non-content based attacks are tested.

KW - Adaptative algorithm

KW - Genetic algorithms

KW - Information security

KW - Intrusion detection

KW - Machine learning

KW - TCPIP

UR - https://www.scopus.com/pages/publications/84958524839

U2 - 10.1007/978-94-007-6818-5_30

DO - 10.1007/978-94-007-6818-5_30

M3 - Conference contribution

AN - SCOPUS:84958524839

SN - 9789400768178

T3 - Lecture Notes in Electrical Engineering

SP - 431

EP - 445

BT - IAENG Transactions on Engineering Technologies - Special Issue of the World Congress on Engineering and Computer Science 2012

PB - Springer Verlag

T2 - World Congress on Engineering and Computer Science, WCECS 2012

Y2 - 24 October 2012 through 26 October 2012

ER -

Improving network intrusion detection with extended KDD features

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this