Volume- 2
Issue- 4
Year- 2014
Meera A R, Jismy K Jose
Wireless sensor networks are highly vulnerable to attacks, and it is difficult to find or track an attacker because of mobility. Indeed, the number of new attacks and their sophistication are continuously increasing. A diametrically opposite strategy, unsupervised anomaly detection (UAD), has been studied in the last few years. UAD uses data mining techniques to extract patterns and uncover similar structures “hidden” in unlabeled traffic of unknown nature (attack or normal-operation traffic), without relying on digital signatures or baseline traffic profiles. Based on the observation that attacks, particularly those most difficult to detect, are contained in a small fraction of traffic flows relative to normal-operation traffic, we propose to exploit the paramount advantage of unsupervised, knowledge-independent detection algorithms based on clustering. The main aim is to combine the clustering results provided by multiple independent partitions of the same set of flows and to filter out biased groupings. We focus on the detection and characterization of standard and well-known attacks, which facilitates the interpretation of results. Denial of service (DoS), distributed DoS (DDoS), network scans, and worm propagation are examples of such standard network attacks. The approach can easily be generalized to detect other kinds of anomalies and attacks.
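The combining step described in the abstract can be sketched as follows. This is an added illustration, not the authors' algorithm or code: the flow features, the use of feature pairs as the independent partitions, the single-linkage clustering, and the `eps` and `min_share` thresholds are all assumptions, and the sample flows are constructed.

```python
from itertools import combinations

# Constructed sample flows (assumed features, not from the paper):
# (distinct dst ports, SYN fraction, packets/s, mean packet bytes)
FLOWS = {
    "f1": (3, 0.10, 40, 520), "f2": (4, 0.12, 55, 610),
    "f3": (2, 0.08, 35, 480), "f4": (5, 0.15, 60, 700),
    "f5": (3, 0.11, 50, 560), "f6": (4, 0.09, 45, 650),
    "bulk": (3, 0.05, 65, 1200),     # benign, but odd in one feature only
    "scan": (900, 0.95, 70, 60),     # many ports, almost only SYNs
    "flood": (4, 0.97, 9000, 64),    # one target, very high SYN rate
}

def normalise(flows):
    """Scale every feature to [0, 1] so distances are comparable."""
    cols = list(zip(*flows.values()))
    lo, hi = [min(c) for c in cols], [max(c) for c in cols]
    return {k: tuple((x - l) / (h - l) if h > l else 0.0
                     for x, l, h in zip(v, lo, hi)) for k, v in flows.items()}

def cluster(points, dims, eps):
    """Single-linkage clustering restricted to the feature sub-space `dims`."""
    clusters = []
    for name, vec in points.items():
        near = [c for c in clusters if any(
            sum((vec[d] - points[m][d]) ** 2 for d in dims) ** 0.5 <= eps for m in c)]
        merged = {name}.union(*near)          # join every cluster within eps
        clusters = [c for c in clusters if c not in near] + [merged]
    return clusters

def outlier_votes(flows, eps=0.25):
    """One vote per partition in which a flow lies outside the largest cluster."""
    points = normalise(flows)
    votes = dict.fromkeys(flows, 0)
    partitions = list(combinations(range(4), 2))   # every pair of features
    for dims in partitions:
        biggest = max(cluster(points, dims, eps), key=len)
        for name in flows:
            votes[name] += int(name not in biggest)
    return votes, len(partitions)

def detect(flows, min_share=0.75):
    """Flag flows isolated in most partitions; one-sided groupings are dropped."""
    votes, n = outlier_votes(flows)
    return sorted(k for k, v in votes.items() if v / n >= min_share)

if __name__ == "__main__":
    print(outlier_votes(FLOWS)[0], detect(FLOWS))
```

The benign `bulk` flow is isolated only in the partitions that include packet size, so the accumulated votes leave it below the threshold, while the scan and flood flows are isolated in every partition.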
Assistant Professor, Cochin University College of Engineering Kuttanadu, Pulincunoo, India. (e-mail: ar.meera@gmail.com)