1 May 2017 Machine learning for intrusion detection in mobile tactical networks
Previous work has demonstrated that machine learning-based network intrusion detection systems (IDS) can be constructed to provide a significant proportion of the accuracy of a conventional signature-based IDS while using a fraction of the resources. Such systems are ideally suited to mobile tactical networks, which typically require much denser sensor coverage to ensure complete network protection and have relatively limited size, weight, and power budgets within which to both protect and operate the network. In this study, we extend previous work on the Extremely Lightweight Intrusion Detection system (ELIDe) and examine its ability to both store a wide range of signatures and generalize to new data. We also demonstrate the following: (1) ELIDe weight vectors are capable of storing multiple signatures while not significantly affecting the false-positive rate; (2) such weight vectors can detect packets that match the signatures on which they were trained with a high degree of accuracy (low false-negative rate); and (3) in addition to approximating the output of a conventional set of signatures, ELIDe weight vectors can also weakly generalize to novel malicious traffic. We show that, despite the significant challenges mobile tactical networks pose for intrusion detection, the use of machine learning allows the deployment of approximate signature-based intrusion detection in such networks.
Conference Presentation
© (2017) COPYRIGHT Society of Photo-Optical Instrumentation Engineers (SPIE). Downloading of the abstract is permitted for personal use only.
Ken F. Yu, Richard E. Harang, Kerry N. Wood, "Machine learning for intrusion detection in mobile tactical networks", Proc. SPIE 10185, Cyber Sensing 2017, 1018504 (1 May 2017); doi: 10.1117/12.2261683; https://doi.org/10.1117/12.2261683
