A Quantitative Logarithmic Transformation-Based Intrusion Detection System

Blue Lan, Ta Chun Lo, Rico Wei, Heng Yu Tang, Ce Kuen Shieh

Research output: Contribution to journalArticlepeer-review

1 Citation (Scopus)

Abstract

Intrusion detection systems (IDS) play a vital role in protecting networks from malicious attacks. Modern IDS use machine-learning or deep-learning models to deal with the diversity of attacks that malicious users may employ. However, effective machine-learning methods incur a considerable cost in both the pretraining stage and the online detection process itself. Accordingly, this study proposes a quantitative logarithmic transformation-based intrusion detection system (QLT-IDS) that uses a straightforward statistical approach to analyze network behavior. Compared with machine-learning or deep-learning-based IDS methods, the proposed system requires neither a time-consuming and expensive data collection and training process, nor a GPU-included device to achieve a real-time detection performance. Furthermore, the system can deal not only with North-South attacks, but also East-West attacks, which pose a significant risk in real-world operations. The effectiveness of the proposed system is evaluated for both real-world campus network traffic and simulated traffic. The results confirm that QLT-IDS is able to detect a wide range of malicious attacks with a high precision, even under high down-sampling rate of the NetFlow records.

Original languageEnglish
Pages (from-to)20351-20364
Number of pages14
JournalIEEE Access
Volume11
DOIs
Publication statusPublished - 2023

All Science Journal Classification (ASJC) codes

  • General Engineering
  • General Materials Science
  • General Computer Science

Fingerprint

Dive into the research topics of 'A Quantitative Logarithmic Transformation-Based Intrusion Detection System'. Together they form a unique fingerprint.

Cite this