Telemetry Network Intrusion Detection System
| dc.contributor.author | Maharjan, Nadim | |
| dc.contributor.author | Moazzemi, Paria | |
| dc.date.accessioned | 2015-11-03T17:44:32Z | en |
| dc.date.available | 2015-11-03T17:44:32Z | en |
| dc.date.issued | 2012-10 | en |
| dc.identifier.issn | 0884-5123 | en |
| dc.identifier.issn | 0074-9079 | en |
| dc.identifier.uri | http://hdl.handle.net/10150/581632 | en |
| dc.description | ITC/USA 2012 Conference Proceedings / The Forty-Eighth Annual International Telemetering Conference and Technical Exhibition / October 22-25, 2012 / Town and Country Resort & Convention Center, San Diego, California | en_US |
| dc.description.abstract | Telemetry systems are migrating from links to networks. Security solutions that simply encrypt radio links no longer protect the network of Test Articles or the networks that support them. The use of network telemetry is dramatically expanding and new risks and vulnerabilities are challenging issues for telemetry networks. Most of these vulnerabilities are silent in nature and cannot be detected with simple tools such as traffic monitoring. The Intrusion Detection System (IDS) is a security mechanism suited to telemetry networks that can help detect abnormal behavior in the network. Our previous research in Network Intrusion Detection Systems focused on "Password" attacks and "Syn" attacks. This paper presents a generalized method that can detect both "Password" attack and "Syn" attack. In this paper, a K-means Clustering algorithm is used for vector quantization of network traffic. This reduces the scope of the problem by reducing the entropy of the network data. In addition, a Hidden-Markov Model (HMM) is then employed to help to further characterize and analyze the behavior of the network into states that can be labeled as normal, attack, or anomaly. Our experiments show that IDS can discover and expose telemetry network vulnerabilities using Vector Quantization and the Hidden Markov Model providing a more secure telemetry environment. Our paper shows how these can be generalized into a Network Intrusion system that can be deployed on telemetry networks. | |
| dc.description.sponsorship | International Foundation for Telemetering | en |
| dc.language.iso | en_US | en |
| dc.publisher | International Foundation for Telemetering | en |
| dc.relation.url | http://www.telemetry.org/ | en |
| dc.rights | Copyright © held by the author; distribution rights International Foundation for Telemetering | en_US |
| dc.rights.uri | http://rightsstatements.org/vocab/InC/1.0/ | |
| dc.subject | Intrusion Detection System | en |
| dc.subject | Vector Quantization | en |
| dc.subject | K-means Clustering | en |
| dc.subject | Hidden Markov Model | en |
| dc.subject | Security | en |
| dc.subject | iNET | en |
| dc.title | Telemetry Network Intrusion Detection System | en_US |
| dc.type | text | en |
| dc.type | Proceedings | en |
| dc.contributor.department | Morgan State University | en |
| dc.identifier.journal | International Telemetering Conference Proceedings | en |
| dc.description.collectioninformation | Proceedings from the International Telemetering Conference are made available by the International Foundation for Telemetering and the University of Arizona Libraries. Visit http://www.telemetry.org/index.php/contact-us if you have questions about items in this collection. | en_US |
| refterms.dateFOA | 2018-09-10T23:40:28Z | |
| html.description.abstract | Telemetry systems are migrating from links to networks. Security solutions that simply encrypt radio links no longer protect the network of Test Articles or the networks that support them. The use of network telemetry is dramatically expanding and new risks and vulnerabilities are challenging issues for telemetry networks. Most of these vulnerabilities are silent in nature and cannot be detected with simple tools such as traffic monitoring. The Intrusion Detection System (IDS) is a security mechanism suited to telemetry networks that can help detect abnormal behavior in the network. Our previous research in Network Intrusion Detection Systems focused on "Password" attacks and "Syn" attacks. This paper presents a generalized method that can detect both "Password" attack and "Syn" attack. In this paper, a K-means Clustering algorithm is used for vector quantization of network traffic. This reduces the scope of the problem by reducing the entropy of the network data. In addition, a Hidden-Markov Model (HMM) is then employed to help to further characterize and analyze the behavior of the network into states that can be labeled as normal, attack, or anomaly. Our experiments show that IDS can discover and expose telemetry network vulnerabilities using Vector Quantization and the Hidden Markov Model providing a more secure telemetry environment. Our paper shows how these can be generalized into a Network Intrusion system that can be deployed on telemetry networks. |
