International Journal of Network Security & Its Applications (IJNSA) - ERA, WJCI Indexed
ISSN: 0974 - 9330 (Online); 0975 - 2307 (Print)
Webpage URL: https://airccse.org/journal/ijnsa.html
Intrusion Detection System Using Discrete Fourier Transform with Window Function
Yusuke Tsuge and HidemaTanaka, National Defense Academy of Japan, Japan
Abstract
An Intrusion Detection System (IDS) is countermeasureagainst network attack. There are mainly two typesof detections; signature-based and anomaly-based. And thereare two kinds of error; false negative and false positive. Indevelopment of IDS, establishment of a method to reduce suchfalse is a major issue. In this paper, we propose a new anomaly-baseddetection method using Discrete Fourier Transform (DFT)with window function. In our method, we assume fluctuation ofpayload in ordinary sessions as random. On the other hand, we cansee fluctuation in attack sessions have bias. From the viewpointof spectrum analysis based on such assumption, we can find outdifferent characteristic in spectrum of attack sessions. Using thecharacteristic, we can detect attack sessions. Example detectionagainst Kyoto2006+ dataset shows 12.0% of false positive at most,and 0.0% of false negative.
Keywords
Intrusion Detection System, Discrete Fourier Transform, window function, Kyoto2006+ dataset
Original Source URL: https://aircconline.com/ijnsa/V8N2/8216ijnsa02.pdf
Volume URL: https://airccse.org/journal/jnsa16_current.html
No comments:
Post a Comment