Intrusion detection based on Optimum-Path Forest

Grant number: 10/02045-3
Support type: Scholarships in Brazil - Master
Effective date (Start): March 01, 2011
Effective date (End): July 31, 2012
Field of knowledge: Physical Sciences and Mathematics - Computer Science
Principal Investigator: João Paulo Papa
Grantee: Clayton Reginaldo Pereira
Home Institution: Faculdade de Ciências (FC). Universidade Estadual Paulista (UNESP). Campus de Bauru. Bauru, SP, Brazil
Associated research grant: 09/16206-1 - New trends on optimum-path forest-based pattern recognition, AP.JP

Abstract

Given the increasing number of attacks on computer networks, robust and efficient intrusion detection systems have become increasingly necessary. Traditional artificial intelligence and pattern recognition techniques have been extensively employed to build efficient models that can handle such problems. Widely known approaches, such as Artificial Neural Networks and Support Vector Machines, can make the detection of anomalies in computer network traffic, which can characterize several types of attacks, more efficient. However, such approaches pay for their high accuracy with a high computational burden for training, which prevents their use in intrusion detection systems that require on-the-fly retraining. Thus, it is desirable to have a system that can be retrained and put back to work as soon as possible without compromising its accuracy. This problem can be more critical in situations in which the amount of data is considerable and the training phase, which sometimes requires parameter optimization, has exponential complexity. A simple traffic analysis in a small network, for instance, can involve millions of data items. Recently, a new pattern recognition technique called Optimum-Path Forest was proposed in the literature, aiming to combine efficiency and effectiveness; it has been demonstrated to be superior to Artificial Neural Networks and similar to Support Vector Machines, but much faster. The main idea is to model the pattern recognition problem as the generation of optimum-path trees in a graph. Starting from some key elements (prototypes), the prototypes conquer the remaining samples by offering them optimum path costs, producing at the end of the process a collection of optimum-path trees rooted at these prototypes. Accordingly, we propose in this project to use the Optimum-Path Forest classifier to detect intrusions in computer networks.
Another motivation for using this technique is the possibility of retraining the system in real time, aiming to increase its accuracy and providing a resilient approach to computer network traffic monitoring, given its ability to return to operation quickly. Note that this task may not be handled by traditional pattern recognition techniques. Another objective of this work is to propose a new learning-with-pruning algorithm that detects irrelevant samples for Optimum-Path Forest, in order to design more efficient and compact training sets. The present research work is thus the first to apply Optimum-Path Forest to intrusion detection systems in the context of computer networks, and it also proposes a new training set compression algorithm, which can be used by other pattern recognition techniques in several application domains.
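
The prototype-and-conquest idea described in the abstract, as an added example (not code from this project or its publications). It assumes the usual supervised Optimum-Path Forest formulation, which the abstract does not spell out: Euclidean distance, prototypes taken from minimum-spanning-tree edges that join different classes, and a path cost equal to the longest edge on the path. The two-feature flow records and all function names are constructed for illustration.

```python
import heapq
import math

# Constructed flow features (connections/s, SYN error rate); not real traffic.
X = [(2, .01), (3, .02), (4, .0), (5, .05), (40, .9), (45, .8), (50, .95), (38, .85)]
y = ["normal"] * 4 + ["attack"] * 4

def find_prototypes(X, y):
    """Prim's MST on the complete graph; endpoints of MST edges joining
    different classes become prototypes (assumed standard supervised OPF)."""
    n = len(X)
    in_tree, best, parent = [False] * n, [math.inf] * n, [-1] * n
    best[0], protos = 0.0, set()
    for _ in range(n):
        u = min((i for i in range(n) if not in_tree[i]), key=best.__getitem__)
        in_tree[u] = True
        if parent[u] >= 0 and y[parent[u]] != y[u]:
            protos.update((u, parent[u]))
        for v in range(n):
            d = math.dist(X[u], X[v])
            if not in_tree[v] and d < best[v]:
                best[v], parent[v] = d, u
    return protos

def train(X, y):
    """Prototypes start at cost 0 and conquer other samples by offering the
    path cost max(own cost, edge length); returns (costs, labels)."""
    n = len(X)
    protos = find_prototypes(X, y)
    cost = [0.0 if i in protos else math.inf for i in range(n)]
    label, done = list(y), [False] * n
    heap = [(0.0, i) for i in sorted(protos)]
    while heap:
        c, u = heapq.heappop(heap)
        if done[u]:
            continue
        done[u] = True
        for v in range(n):
            offer = max(c, math.dist(X[u], X[v]))
            if not done[v] and offer < cost[v]:
                cost[v], label[v] = offer, label[u]
                heapq.heappush(heap, (offer, v))
    return cost, label

def classify(X, cost, label, t):
    """A new flow takes the label of the training sample offering the cheapest path."""
    i = min(range(len(X)), key=lambda i: max(cost[i], math.dist(X[i], t)))
    return label[i]
```

Training here has no parameters to tune, which is the property the abstract relies on for fast retraining: adding newly labelled flows means rerunning `train` on the enlarged set.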

Scientific publications
(References retrieved automatically from Web of Science and SciELO through information on FAPESP grants and their corresponding numbers as mentioned in the publications by the authors)
COSTA, KELTON A. P.; PEREIRA, LUIS A. M.; NAKAMURA, RODRIGO Y. M.; PEREIRA, CLAYTON R.; PAPA, JOAO P.; FALCAO, ALEXANDRE XAVIER. A nature-inspired approach to speed up optimum-path forest clustering and its application to intrusion detection in computer networks. INFORMATION SCIENCES, v. 294, p. 95-108, FEB 10 2015. Web of Science Citations: 30.
PEREIRA, CLAYTON R.; NAKAMURA, RODRIGO Y. M.; COSTA, KELTON A. P.; PAPA, JOAO P. An Optimum-Path Forest framework for intrusion detection in computer networks. ENGINEERING APPLICATIONS OF ARTIFICIAL INTELLIGENCE, v. 25, n. 6, p. 1226-1234, SEP 2012. Web of Science Citations: 24.
Academic Publications
(References retrieved automatically from State of São Paulo Research Institutions)
PEREIRA, Clayton Reginaldo. Detecção de intrusão em redes de computadores utilizando Floresta de Caminhos Ótimos. 2012. Master's Dissertation - Universidade Estadual Paulista. Instituto de Biociências, Letras e Ciências Exatas. São José do Rio Preto.
