http://dx.doi.org/10.4218/etrij.2019-0476

Network intrusion detection method based on matrix factorization of their time and frequency representations  

Chountasis, Spiros (Department of Systems and Infrastructure, Independent Power Transmission Operator)
Pappas, Dimitrios (Department of Statistics, Athens University of Economics and Business)
Sklavounos, Dimitris (Department of Computer Science, Metropolitan College)
Publication Information
ETRI Journal / v.43, no.1, 2021, pp. 152-162
Abstract
In the last few years, detection has become a powerful methodology for network protection and security. This paper presents a new detection scheme for data recorded over a computer network. This approach is applicable to the broad scientific field of information security, including intrusion detection and prevention. The proposed method employs bidimensional (time-frequency) data representations in the form of the short-time Fourier transform and the Wigner distribution. It then applies matrix factorization, using singular value decomposition and principal component analysis, to the two-dimensional data representation matrices to detect intrusions. The scheme was evaluated using numerous tests on network activities, which were recorded and presented in the KDD-NSL and UNSW-NB15 datasets. The efficiency and robustness of the technique have been experimentally proved.
Keywords
network analysis; network security; principal component analysis; singular value decomposition