Survey of Network Intrusion Detection Methods from the Perspective of the Knowledge Discovery in Databases Process
IEEE Transactions on Network and Service Management (IF 5.3), Pub Date: 2020-12-01, DOI: 10.1109/tnsm.2020.3016246
Borja Molina-Coronado, Usue Mori, Alexander Mendiburu, Jose Miguel-Alonso

The identification of network attacks which target information and communication systems has been a focus of the research community for years. Network intrusion detection is a complex problem which presents a diverse number of challenges. Many attacks currently remain undetected, while newer ones emerge due to the proliferation of connected devices and the evolution of communication technology. In this survey, we review the methods that have been applied to network data with the purpose of developing an intrusion detector, but contrary to previous reviews in the area, we analyze them from the perspective of the Knowledge Discovery in Databases (KDD) process. As such, we discuss the techniques used for the collection, preprocessing and transformation of the data, as well as the data mining and evaluation methods. We also present the characteristics and motivations behind the use of each of these techniques and propose more adequate and up-to-date taxonomies and definitions for intrusion detectors based on the terminology used in the area of data mining and KDD. Special importance is given to the evaluation procedures followed to assess the detectors, discussing their applicability in current, real networks. Finally, as a result of this literature review, we investigate some open issues which will need to be considered for further research in the area of network security.

Updated: 2020-12-01