Efficient Statistics Based Framework for Network Intrusion Detection
Due to the growing threat of network attacks, detecting and measuring network abuse are increasingly important. Network intrusion detection is one of the most frequently deployed approaches. Most detection systems rely only on signature matching and therefore perform poorly against novel attacks. This investigation presents a simple yet efficient data-mining framework (SID) that constructs a statistics-based abusive traffic detection system based on network flows. The authors show that SID can accurately and automatically detect existing and new malicious network attempts. Experimental results validate the feasibility of using SID to detect network anomaly intrusions.