The IRMA Community
Newsletters
Research IRM
Click a keyword to search titles using our InfoSci-OnDemand powered search:
|
Evaluation of Contemporary Anomaly Detection Systems (ADSs)
Abstract
Due to the rapidly evolving nature of network attacks, a considerable paradigm shift has taken place with focus now on Network-based Anomaly Detection Systems (NADSs) that can detect zero-day attacks. At this time, it is important to evaluate existing anomaly detectors to determine and learn from their strengths and weaknesses. Thus we aim to evaluate the performance of eight prominent network-based anomaly detectors under malicious portscan attacks. These NADSs are evaluated on three criteria: accuracy (ROC curves), scalability (with respect to varying normal and attack traffic rates, and deployment points) and detection delay. Based on our experiments, we identify promising guidelines to improve the accuracy and scalability of existing and future anomaly detectors. We show that the proposed guidelines provide considerable and consistent accuracy improvements for all evaluated NADSs.
Related Content
Chaymaâ Boutahiri, Ayoub Nouaiti, Aziz Bouazi, Abdallah Marhraoui Hsaini.
© 2024.
14 pages.
|
Imane Cheikh, Khaoula Oulidi Omali, Mohammed Nabil Kabbaj, Mohammed Benbrahim.
© 2024.
30 pages.
|
Tahiri Omar, Herrou Brahim, Sekkat Souhail, Khadiri Hassan.
© 2024.
19 pages.
|
Sekkat Souhail, Ibtissam El Hassani, Anass Cherrafi.
© 2024.
14 pages.
|
Meryeme Bououchma, Brahim Herrou.
© 2024.
14 pages.
|
Touria Jdid, Idriss Chana, Aziz Bouazi, Mohammed Nabil Kabbaj, Mohammed Benbrahim.
© 2024.
16 pages.
|
Houda Bentarki, Abdelkader Makhoute, Tőkési Karoly.
© 2024.
10 pages.
|
|
|