Zeinab Heidarian

Workplace: Department of Computer Engineering, University of Isfahan, Isfahan, Iran

E-mail: heidarian66@gmail.com

Research Interests: Intrusion Detection System, Detection Theory

Biography

Zeinab Heidarian received the B.S. degree in computer engineering from the University of Isfahan, Iran, in 2010. She also received the M.Sc. degree in computer architecture from the University of Isfahan, Iran, in 2013. Her research interests include anomaly detection and the use of GPUs to increase speed.

Author Articles
Intrusion Detection Based on Normal Traffic Specifications

By Zeinab Heidarian, Naser Movahedinia, Neda Moghim, Payam Mahdinia

DOI: https://doi.org/10.5815/ijcnis.2015.09.04, Pub. Date: 8 Aug. 2015

Because intrusion detection techniques based on malicious traffic signatures cannot detect unknown attacks, methods derived from characterizing the behavior of normal traffic are appropriate for detecting unseen intrusions. Based on such a technique, a one-class Support Vector Machine (SVM) is employed in this research to learn the characteristics of regular HTTP traffic for anomaly detection. First, suitable features are extracted from the normal and abnormal HTTP traffic; then the system is trained on the normal traffic samples. To detect anomalies, the actual traffic (including normal and abnormal packets) is compared to the deduced normal traffic. An anomaly alert is generated if any deviation from the regular traffic model is inferred. Evaluating the proposed algorithm on the ISCX data set yielded a high accuracy of 89.25% and a low false positive rate of 8.60% in detecting attacks on port 80. In this research, the online step ran 77 times faster than on the CPU, using the GPU for feature extraction and OpenMP for parallel processing of packets.
