Persistent Link:
http://hdl.handle.net/10150/581632
Title:
Telemetry Network Intrusion Detection System
Author:
Maharjan, Nadim; Moazzemi, Paria
Affiliation:
Morgan State University
Issue Date:
2012-10
Rights:
Copyright © held by the author; distribution rights International Foundation for Telemetering
Collection Information:
Proceedings from the International Telemetering Conference are made available by the International Foundation for Telemetering and the University of Arizona Libraries. Visit http://www.telemetry.org/index.php/contact-us if you have questions about items in this collection.
Publisher:
International Foundation for Telemetering
Journal:
International Telemetering Conference Proceedings
Abstract:
Telemetry systems are migrating from links to networks. Security solutions that simply encrypt radio links no longer protect the network of Test Articles or the networks that support them. The use of network telemetry is dramatically expanding and new risks and vulnerabilities are challenging issues for telemetry networks. Most of these vulnerabilities are silent in nature and cannot be detected with simple tools such as traffic monitoring. The Intrusion Detection System (IDS) is a security mechanism suited to telemetry networks that can help detect abnormal behavior in the network. Our previous research in Network Intrusion Detection Systems focused on "Password" attacks and "Syn" attacks. This paper presents a generalized method that can detect both "Password" attack and "Syn" attack. In this paper, a K-means Clustering algorithm is used for vector quantization of network traffic. This reduces the scope of the problem by reducing the entropy of the network data. In addition, a Hidden-Markov Model (HMM) is then employed to help to further characterize and analyze the behavior of the network into states that can be labeled as normal, attack, or anomaly. Our experiments show that IDS can discover and expose telemetry network vulnerabilities using Vector Quantization and the Hidden Markov Model providing a more secure telemetry environment. Our paper shows how these can be generalized into a Network Intrusion system that can be deployed on telemetry networks.
Keywords:
Intrusion Detection System; Vector Quantization; K-means Clustering; Hidden Markov Model; Security; iNET
Sponsors:
International Foundation for Telemetering
ISSN:
0884-5123; 0074-9079
Additional Links:
http://www.telemetry.org/

Full metadata record

DC FieldValue Language
dc.language.isoen_USen
dc.titleTelemetry Network Intrusion Detection Systemen_US
dc.contributor.authorMaharjan, Nadimen
dc.contributor.authorMoazzemi, Pariaen
dc.contributor.departmentMorgan State Universityen
dc.date.issued2012-10en
dc.rightsCopyright © held by the author; distribution rights International Foundation for Telemeteringen_US
dc.description.collectioninformationProceedings from the International Telemetering Conference are made available by the International Foundation for Telemetering and the University of Arizona Libraries. Visit http://www.telemetry.org/index.php/contact-us if you have questions about items in this collection.en_US
dc.publisherInternational Foundation for Telemeteringen
dc.description.abstractTelemetry systems are migrating from links to networks. Security solutions that simply encrypt radio links no longer protect the network of Test Articles or the networks that support them. The use of network telemetry is dramatically expanding and new risks and vulnerabilities are challenging issues for telemetry networks. Most of these vulnerabilities are silent in nature and cannot be detected with simple tools such as traffic monitoring. The Intrusion Detection System (IDS) is a security mechanism suited to telemetry networks that can help detect abnormal behavior in the network. Our previous research in Network Intrusion Detection Systems focused on "Password" attacks and "Syn" attacks. This paper presents a generalized method that can detect both "Password" attack and "Syn" attack. In this paper, a K-means Clustering algorithm is used for vector quantization of network traffic. This reduces the scope of the problem by reducing the entropy of the network data. In addition, a Hidden-Markov Model (HMM) is then employed to help to further characterize and analyze the behavior of the network into states that can be labeled as normal, attack, or anomaly. Our experiments show that IDS can discover and expose telemetry network vulnerabilities using Vector Quantization and the Hidden Markov Model providing a more secure telemetry environment. Our paper shows how these can be generalized into a Network Intrusion system that can be deployed on telemetry networks.en
dc.subjectIntrusion Detection Systemen
dc.subjectVector Quantizationen
dc.subjectK-means Clusteringen
dc.subjectHidden Markov Modelen
dc.subjectSecurityen
dc.subjectiNETen
dc.description.sponsorshipInternational Foundation for Telemeteringen
dc.identifier.issn0884-5123en
dc.identifier.issn0074-9079en
dc.identifier.urihttp://hdl.handle.net/10150/581632en
dc.identifier.journalInternational Telemetering Conference Proceedingsen
dc.typetexten
dc.typeProceedingsen
dc.relation.urlhttp://www.telemetry.org/en
All Items in UA Campus Repository are protected by copyright, with all rights reserved, unless otherwise indicated.