Early Intrusion Detection for OS Scan Attacks
![Thumbnail](/dspace/bitstream/handle/2183/36931/LopezVizcaino_Manuel_2019_Early_Intrusion_Detection_for_OS_Scan_Attacks.pdf.jpg?sequence=4&isAllowed=y)
Not available until 9999-99-99
Use this link to cite
http://hdl.handle.net/2183/36931Collections
Metadata
Show full item recordTitle
Early Intrusion Detection for OS Scan AttacksAuthor(s)
Date
2019-09Citation
M. López-Vizcaíno, F. J. Novoa, D. Fernández, V. Carneiro and F. Cacheda, "Early Intrusion Detection for OS Scan Attacks," 2019 IEEE 18th International Symposium on Network Computing and Applications (NCA), Cambridge, MA, USA, 2019, pp. 1-5, doi: 10.1109/NCA.2019.8935067.
Abstract
[Abstract]: Network Intrusion Detection Systems (NIDS) are concerned with the discovery of unauthorized accesses to computer networks by analyzing the traffic in order to detect malicious activity. In the event of an intrusion, the time elapsed until the detection is a key factor to break the Cyber Kill Chain. State-of-the-art studies use a traditional evaluation based on standard accuracy metrics (e.g. precision or F-measure) without taking into account the time required to detect a threat. In this paper, we formally define the early intrusion detection problem. We perform a thorough evaluation adapting existing time-aware metrics to the early detection of threats on a computer network and we also propose a new metric (i.e. NormERDE). Our results show how a good performance on standard metrics may not correspond to good results on early detection metrics. For instance, a technique with a high level of precision could need too much time to detect a threat. Therefore, in this paper we propose taking into account time-aware metrics in NIDS evaluations due to the importance of this factor in a real world environment.
Keywords
Communication Networks
Early Intrusion Detection
NIDS
Early Intrusion Detection
NIDS
Description
18th IEEE International Symposium on Network Computing and Applications, NCA 2019, Cambridge, 26 - 28 September 2019
Editor version
Rights
Copyright © 2019, IEEE