Previous work has demonstrated that machine learning-based network intrusion detection systems (IDS) can be constructed to provide a significant proportion of the accuracy of a conventional signature-based IDS while using a fraction of the resources. Such systems are ideally suited to mobile tactical networks, which typically require much denser sensor coverage to ensure complete network protection and have relatively limited size, weight, and power budgets within which to both protect and operate the network. In this study, we extend previous work on the Extremely Lightweight Intrusion Detection system (ELIDe) and examine its ability to both store a wide range of signatures and generalize to new data. We also demonstrate the following: (1) ELIDe weight vectors are capable of storing multiple signatures while not significantly affecting the false-positive rate; (2) such weight vectors can detect packets that match the signatures on which they were trained with a high degree of accuracy (low false-negative rate); and (3), in addition to approximating the output of a conventional set of signatures, ELIDe weight vectors can also weakly generalize to novel malicious traffic. We show that, despite the significant challenges mobile tactical networks pose for intrusion detection, the use of machine learning allows the deployment of approximate signaturebased intrusion detection in such networks.
Ken F. Yu, Richard E. Harang, and Kerry N. Wood, "Machine learning for intrusion detection in mobile tactical networks," Proc. SPIE 10185, Cyber Sensing 2017, 1018504 (Presented at SPIE Defense + Security: April 11, 2017; Published: 1 May 2017); https://doi.org/10.1117/12.2261683.
Conference Presentations are recordings of oral presentations given at SPIE conferences and published as part of the conference proceedings. They include the speaker's narration along with a video recording of the presentation slides and animations. Many conference presentations also include full-text papers. Search and browse our growing collection of more than 12,000 conference presentations, including many plenary and keynote presentations.