International Journal of Network Security & Its Applications (IJNSA) - ERA, WJCI Indexed

International Journal of Network Security & Its Applications (IJNSA) - ERA, WJCI Indexed

ISSN: 0974 - 9330 (Online); 0975 - 2307 (Print)

Webpage URL: https://airccse.org/journal/ijnsa.html

Intrusion Detection System Using Discrete Fourier Transform with Window Function

Yusuke Tsuge and HidemaTanaka, National Defense Academy of Japan, Japan

Abstract

An Intrusion Detection System (IDS) is countermeasureagainst network attack. There are mainly two typesof detections; signature-based and anomaly-based. And thereare two kinds of error; false negative and false positive. Indevelopment of IDS, establishment of a method to reduce suchfalse is a major issue. In this paper, we propose a new anomaly-baseddetection method using Discrete Fourier Transform (DFT)with window function. In our method, we assume fluctuation ofpayload in ordinary sessions as random. On the other hand, we cansee fluctuation in attack sessions have bias. From the viewpointof spectrum analysis based on such assumption, we can find outdifferent characteristic in spectrum of attack sessions. Using thecharacteristic, we can detect attack sessions. Example detectionagainst Kyoto2006+ dataset shows 12.0% of false positive at most,and 0.0% of false negative.

Keywords

Intrusion Detection System, Discrete Fourier Transform, window function, Kyoto2006+ dataset

Original Source URL: https://aircconline.com/ijnsa/V8N2/8216ijnsa02.pdf

Volume URL: https://airccse.org/journal/jnsa16_current.html