ETRI-Knowledge Sharing Platform


Conference Paper: Anomaly Detection Method using Network Pattern Analysis of Process
Cited 2 times in Scopus
Authors
Minho Han, Ikkyun Kim
Issue Date
2015-10
Citation
World Congress on Internet Security (WorldCIS) 2015, pp.159-163
Language
English
Type
Conference Paper
DOI
https://dx.doi.org/10.1109/WorldCIS.2015.7359435
Abstract
The only solution against zero-day attacks is anomaly-based detection independent of specific signatures. The basic mechanism in the anomaly detection approach is establishing a profile to describe the "normal" situation of a network or machine. If this profile were accurate enough, all attacks should be detected because they are "abnormal" to the profile. Until now, there has been no effective method to construct such a perfect profile. Also, the biggest problem is the dilemma between detection rate and false positives. Therefore, in this paper, we present a new solution to reduce false positives by network pattern analysis of process.
KSP Keywords
Detection Method, False Positive(FP), Network pattern, Zero-day attacks, anomaly based detection, anomaly detection, detection rate(DR), pattern analysis