Intrusion Detection
101 papers with code • 4 benchmarks • 7 datasets
Intrusion Detection is the process of dynamically monitoring events occurring in a computer system or network, analyzing them for signs of possible incidents, and often interdicting unauthorized access. This is typically accomplished by automatically collecting information from a variety of system and network sources and then analyzing that information for possible security problems.
Latest papers
PolyLUT: Learning Piecewise Polynomials for Ultra-Low Latency FPGA LUT-based Inference
We show that by using polynomial building blocks, we can achieve the same accuracy using considerably fewer layers of soft logic than by using linear functions, leading to significant latency and area improvements.
Are Existing Out-Of-Distribution Techniques Suitable for Network Intrusion Detection?
Our findings suggest that existing detectors can identify a consistent portion of new malicious traffic, and that improved embedding spaces enhance detection.
Kairos: Practical Intrusion Detection and Investigation using Whole-system Provenance
Sifting through their design documents, we identify four common dimensions that drive the development of provenance-based intrusion detection systems (PIDSes): scope (can PIDSes detect modern attacks that infiltrate across application boundaries?
Towards Reliable Rare Category Analysis on Graphs via Individual Calibration
In particular, to quantify the uncertainties in RCA, we develop a node-level uncertainty quantification algorithm to model the overlapping support regions with high uncertainty; to handle the rarity of minority classes in miscalibration calculation, we generalize the distribution-based calibration metric to the instance level and propose the first individual calibration measurement on graphs named Expected Individual Calibration Error (EICE).
OptIForest: Optimal Isolation Forest for Anomaly Detection
Extensive experiments on a series of benchmarking datasets for comparative and ablation studies demonstrate that our approach can efficiently and robustly achieve better detection performance in general than the state-of-the-arts including the deep learning based methods.
SoK: Pragmatic Assessment of Machine Learning for Network Intrusion Detection
Unfortunately, the value of ML for NID depends on a plethora of factors, such as hardware, that are often neglected in scientific literature.
FlowTransformer: A Transformer Framework for Flow-based Network Intrusion Detection Systems
This paper presents the FlowTransformer framework, a novel approach for implementing transformer-based Network Intrusion Detection Systems (NIDSs).
TSI-GAN: Unsupervised Time Series Anomaly Detection using Convolutional Cycle-Consistent Generative Adversarial Networks
To achieve these goals, we convert each input time-series into a sequence of 2D images using two encoding techniques with the intent of capturing temporal patterns and various types of deviance.
A Novel Multi-Stage Approach for Hierarchical Intrusion Detection
An intrusion detection system (IDS), traditionally an example of an effective security monitoring system, is facing significant challenges due to the ongoing digitization of our modern society.
ARGUS: Context-Based Detection of Stealthy IoT Infiltration Attacks
ARGUS monitors the contextual setting based on the state and actions of IoT devices in the environment.