All

What are you looking for?

All
Projects
Results
Organizations

Quick search

  • Projects supported by TA ČR
  • Excellent projects
  • Projects with the highest public support
  • Current projects

Smart search

  • That is how I find a specific +word
  • That is how I leave the -word out of the results
  • “That is how I can find the whole phrase”
EN
ČeštinaEnglish

Attacking the IDS learning processes

The result's identifiers

  • Result code in IS VaVaI

    <a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F68407700%3A21230%2F13%3A00210663" target="_blank" >RIV/68407700:21230/13:00210663 - isvavai.cz</a>

  • Result on the web

    <a href="http://dx.doi.org/10.1109/ICASSP.2013.6639362" target="_blank" >http://dx.doi.org/10.1109/ICASSP.2013.6639362</a>

  • DOI - Digital Object Identifier

    <a href="http://dx.doi.org/10.1109/ICASSP.2013.6639362" target="_blank" >10.1109/ICASSP.2013.6639362</a>

Alternative languages

  • Result language

    angličtina

  • Original language name

    Attacking the IDS learning processes

  • Original language description

    Abstract We study the problem of directed attacks on the learning process of an anomaly-based Intrusion Detection System (IDS). We assume that the attack is performed by a knowledgeable attacker with an access to system's inputs, outputs, and all internal states. The attacker uses his knowledge of the IDS (implemented as an ensemble of anomaly detection algorithms) and its internal states to design the strongest undetectable attack of a particular type. We have experimented with different attacks against several anomaly detection algorithms individually, and against their combination. We show that while the individual anomaly detection algorithms can be easily avoided by the worst-case attacker that we assume, it is nearly impossible to avoid them simultaneously. These results were achieved during the experiments performed on university network traffic and are consistent with theoretical hypothesis grounded in steganalysis and watermarking.

  • Czech name

  • Czech description

Classification

  • Type

    D - Article in proceedings

  • CEP classification

    JD - Use of computers, robotics and its application

  • OECD FORD branch

Result continuities

  • Project

    <a href="/en/project/GPP103%2F12%2FP514" target="_blank" >GPP103/12/P514: Real-time detection of anomalous events in a non-stationary environment</a><br>

  • Continuities

    S - Specificky vyzkum na vysokych skolach

Others

  • Publication year

    2013

  • Confidentiality

    S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Data specific for result type

  • Article name in the collection

    Acoustics, Speech and Signal Processing (ICASSP), 2013 IEEE International Conference on

  • ISBN

    9781479903566

  • ISSN

    1520-6149

  • e-ISSN

  • Number of pages

    5

  • Pages from-to

    8687-8691

  • Publisher name

    IEEE

  • Place of publication

    Piscataway

  • Event location

    Vancouver

  • Event date

    May 26, 2013

  • Type of event by nationality

    WRD - Celosvětová akce

  • UT code for WoS article

Similar results(10)

Neural networks in intrusion detection systemsDetermination of Optimal Cluster Number in Connection to SCADAComparison of Suricata and Snort to detect denial of service attacks