Skip to main content

Research Repository

Advanced Search

Intrusion detection method based on nonlinear correlation measure

Ambusaidi, Mohammed A.; Tan, Zhiyuan; He, Xiangjian; Nanda, Priyadarsi; Lu, Liang Fu; Jamdagni, Aruna

Authors

Mohammed A. Ambusaidi

Xiangjian He

Priyadarsi Nanda

Liang Fu Lu

Aruna Jamdagni



Abstract

Cyber crimes and malicious network activities have posed serious threats to the entire internet and its users. This issue is becoming more critical, as network-based services, are more widespread and closely related to our daily life. Thus, it has raised a serious concern in individual internet users, industry and research community. A significant amount of work has been conducted to develop intelligent anomaly-based intrusion detection systems (IDSs) to address this issue. However, one technical challenge, namely reducing false alarm, has been along with the development of anomaly-based IDSs since 1990s. In this paper, we provide a solution to this challenge. A nonlinear correlation coefficient-based (NCC) similarity measure is proposed to help extract both linear and nonlinear correlations between network traffic records. This extracted correlative information is used in our proposed IDS to detect malicious network behaviours. The effectiveness of the proposed NCC-based measure and the proposed IDS are evaluated using NSL-KDD dataset. The evaluation results demonstrate that the proposed NCC-based measure not only helps reduce false alarm rate, but also helps discriminate normal and abnormal behaviours efficiently.

Journal Article Type Article
Publication Date 2014
Deposit Date Nov 30, 2016
Journal International Journal of Internet Protocol Technology
Print ISSN 1743-8209
Electronic ISSN 1743-8217
Publisher Inderscience
Peer Reviewed Peer Reviewed
Volume 8
Issue 2/3
Pages 77
DOI https://doi.org/10.1504/ijipt.2014.066377
Keywords Cyber crime, intrusion detection systems, nonlinear correlation coefficient-based (NCC),
Public URL http://researchrepository.napier.ac.uk/Output/445852