Publicação: Real-time application of OPF-based classifier in Snort IDS
| dc.contributor.author | Utimura, Luan [UNESP] | |
| dc.contributor.author | Costa, Kelton [UNESP] | |
| dc.contributor.author | Scherer, Rafał | |
| dc.contributor.institution | Universidade Estadual Paulista (UNESP) | |
| dc.contributor.institution | Czestochowa University of Technology | |
| dc.date.accessioned | 2023-03-01T20:22:14Z | |
| dc.date.available | 2023-03-01T20:22:14Z | |
| dc.date.issued | 2022-01-24 | |
| dc.description.abstract | As the internet grows over the years, it is possible to observe an increase in the amount of data that travels on computer networks around the world. In a context in which the volume of data is continuously being renewed, from the perspective of the Computer Network Security area, it becomes a great challenge to protect, in terms of effectiveness and efficiency, today's computer systems. Among the primary security mechanisms employed in these environments, the Network Intrusion Detection Systems stand out. Although the signature-based detection approach of these tools is sufficient to combat known attacks, with the eventual discovery of new vulnerabilities, it is necessary to use anomaly-based detection approaches to mitigate the damage of unknown attacks. In the academic field, several studies have explored the development of hybrid approaches to improve the accuracy of these tools, with the aid of machine learning techniques. In this same line of research, this chapter aims at the application of these techniques for intrusion detection in a real-time environment using a popular and widely utilized tool, the Snort IDS. The presented results show that in certain attack scenarios, the anomaly-based detection approach can outperform the signature-based detection approach, with emphasis on the optimum-path forest, AdaBoost, Random Forests, decision tree, and support vector machine techniques. © 2022 Copyright | en |
| dc.description.affiliation | São Paulo State University Department of Computing | |
| dc.description.affiliation | Czestochowa University of Technology Department of Computing | |
| dc.description.affiliationUnesp | São Paulo State University Department of Computing | |
| dc.format.extent | 55-93 | |
| dc.identifier | http://dx.doi.org/10.1016/B978-0-12-822688-9.00011-6 | |
| dc.identifier.citation | Optimum-Path Forest: Theory, Algorithms, and Applications, p. 55-93. | |
| dc.identifier.doi | 10.1016/B978-0-12-822688-9.00011-6 | |
| dc.identifier.scopus | 2-s2.0-85134983394 | |
| dc.identifier.uri | http://hdl.handle.net/11449/240550 | |
| dc.language.iso | eng | |
| dc.relation.ispartof | Optimum-Path Forest: Theory, Algorithms, and Applications | |
| dc.source | Scopus | |
| dc.subject | Anomaly detection | |
| dc.subject | Intrusion detection systems | |
| dc.subject | Machine learning | |
| dc.subject | OPF | |
| dc.subject | Snort | |
| dc.title | Real-time application of OPF-based classifier in Snort IDS | en |
| dc.type | Capítulo de livro | |
| dspace.entity.type | Publication |