Unexpected-behavior detection using TopK rankings for cybersecurity


Abstract

Anomaly-based intrusion detection systems use profiles to characterize the expected behavior of network users. Most of these systems characterize the entire network traffic within a single profile. This work proposes a user-level anomaly-based intrusion detection methodology that uses only the user's own network traffic. The proposed profile is a collection of TopK rankings of the services reached by the user. To detect unexpected behaviors, the real-time traffic is organized into TopK rankings and compared to the profile using similarity measures. The experiments demonstrated that the proposed methodology was capable of detecting a particular kind of malware attack for all the users tested.

Parres-Peredo, A., Piza-Davila, I., & Cervantes, F. (2019). Unexpected-behavior detection using TopK rankings for cybersecurity. Applied Sciences (Switzerland), 9(20). https://doi.org/10.3390/app9204381
