Network Intrusion Detection Using SemiSupervised Learning Based on Normal Behaviour's Standard Deviation

Barhoom, Tawfiq S. and Matar, Ramzi A. (2015) Network Intrusion Detection Using SemiSupervised Learning Based on Normal Behaviour's Standard Deviation. International Journal of Advanced Research in Computer and Communication Engineering, 4 (1). pp. 375-382. ISSN ISSN (Online) : 2278-1021 ISSN (Print) : 2319-5940


Download (289kB) | Preview
Official URL:


Misuse detection is the traditional technique used in Network Intrusion Detection Systems (NIDSs) which relies on matching the current behavior of network with pre-defined attacks’ signatures. This technique is effective to detect the majority of known attacks, but fails to protect from unknown threats, such as zero-day exploits. In addition the increasing diversity and polymorphism of network attacks further obstruct modeling signatures, such that there is a high demand for alternative detection techniques. Many researchers are still trying to solve the problem by using new machine learning techniques such as supervised or unsupervised learning; however producing labeled dataset for supervised learning is difficult, also it is difficult to label the generated clusters to normal or abnormal in unsupervised learning. To overcome these issues we have proposed a novel technique by using semi-supervised learning technique which based on the standard deviation of the normal behavior by which we attempt to detect attacks by calculating their deviations from the normal cluster in observed data.

Item Type: Article
Additional Information: Abu Alloh
Uncontrolled Keywords: Network Intrusion Detection, Anomaly detection, Semi-supervised learning, Standard Deviation
Subjects: T Technology > T Technology (General)
Divisions: Faculty of Engineering, Science and Mathematics > School of Electronics and Computer Science
Depositing User: Mr Ramzi Matar
Date Deposited: 14 Feb 2018 12:22
Last Modified: 11 Mar 2018 09:03

Actions (login required)

View Item View Item