FEX – A Feature Extractor for Real-Time IDS
In the field of network security, the detection of possible intrusions is an important task to prevent and analyse attacks. Machine learning has been adopted as a particular supporting technique over the last years. However, the majority of related published work uses post mortem log files and fails to address the required real-time capabilities of network data feature extraction and machine learning based analysis [1-5]. We introduce the network feature extractor library FEX, which is designed to allow real-time feature extraction of network data. This library incorporates 83 statistical features based on reassembled data flows. The introduced Cython implementation allows processing individual packets within 4.58 microseconds. Based on the features extracted by FEX, existing intrusion detection machine learning models were examined with respect to their real-time capabilities. An identified Decision-Tree Classifier model was thus further optimised by transpiling it into C Code. This reduced the prediction time of a single sample to 3.96 microseconds on average. Based on the feature extractor and the improved machine learning model an IDS system was implemented which supports a data throughput between 63.7 Mbit/s and 2.5 Gbit/s making it a suitable candidate for a real-time, machine-learning based IDS.
Document Type: | Conference Proceeding |
---|---|
Conference Type: | Conference article |
Citation link: | https://opus.hs-offenburg.de/5201 |
Bibliographic information | |
Title (English): | FEX – A Feature Extractor for Real-Time IDS |
Conference: | 24th International Conference (ISC 2021), November 10-12, 2021, Virtual Event |
Author: | Andreas Schaad, Dominik Binder |
Year of Publication: | 2021 |
Place of publication: | Cham |
Publisher: | Springer |
Page Number: | 17 |
First Page: | 221 |
Last Page: | 237 |
Parent Title (English): | Information Security |
Editor: | Joseph K. Liu, Sokratis Katsikas, Weizhi Meng, Willy Susilo, Rolly Intan |
Volume: | LNCS 13118 |
ISBN: | 978-3-030-91355-7 (Print) |
ISBN: | 978-3-030-91356-4 (Online) |
DOI: | https://doi.org/10.1007/978-3-030-91356-4_12 |
Language: | English |
Content information | |
Institutes: | Fakultät Medien (M) (from 22.04.2021) |
Collections of the Offenburg University: | Bibliography |
DDC classes: | 000 General works, computer science, information science / 000 General works, science / 004 Computer science |
Tag: | Feature extraction; Machine Learning; Real-time |
Formal information | |
Open Access: | Closed Access |