Article

Article title APPLICATION OF ANTMINER+ ALGORITHM TO EVENT CLASSIFICATION FOR NETWORK TRAFFIC ANALYSIS
Authors A.A. Taran
Section SECTION II. PROTECTION OF COMPUTER SYSTEMS
Month, Year 12, 2012
Index UDC 004.056
Abstract The article deals with data classification technologies based on the AntMiner+ algorithm in the analysis of network traffic for intrusion detection. Special attention is paid to the properties of the algorithm that allow us to automatically obtain understandable, human-readable descriptive sets that are closely related to the problem under consideration. Some conclusions are drawn about the applicability of the methods to the automated generation of attack signatures and profiles of a system's normal behavior. The paper also explores the results of experiments that confirm the hypothesis about the algorithm's properties.

Keywords Anomaly detection; data classification; network traffic analysis; AntMiner+; signatures; rule conduction