Anomaly traffic detection of database network based on flow statistical feature |
| |
Authors: | Xinliang Wang, Fang Liu, Luying Chen and Zhenming Lei |
| |
Affiliation: | (1) UCL, Communication and Remote Sensing Lab, Louvain-la-Neuve, Belgium; (2) Multitel, Mons, Belgium |
| |
Abstract: | Traditional intrusion detection systems suffer from high false positive and false negative rates. This paper
analyzes in depth the differences in statistical features between single-flow and multi-flow on the database network, and presents
a group of features that are easy to acquire and can be used to detect anomalies in the database network efficiently. By applying
this group of features in the Fisher algorithm for anomaly detection, the false positive rate and false negative rate are dramatically
reduced. At the same time, the model built from this group of features has the advantages of low algorithm complexity, good
detection results and strong generalization ability. Experimental results show that accuracy is higher when the anomaly detection
model is constructed from both single-flow and multi-flow features than when only single-flow features are used. |
| |
Keywords: | |
This document has been indexed by SpringerLink and other databases! |
|