Abstract: This paper describes a proposal for a Kelly criterion-inspired compression algorithm to be used in distributed network intrusion detection applications. Kelly's algorithm instructs a gambler how much to bet based upon the chance of winning and the potential payoff. There has been a significant amount of research into anomaly detection algorithms that provide some indication of the maliciousness of a network session. We propose to combine expert knowledge, data mining, and best-of-breed anomaly detection algorithms to determine the likelihood that a session is malicious. Further, we propose using a Kelly criterion-inspired algorithm to select which sessions, and how much of each session, to transmit. We expect that this will minimize the total amount of traffic we transmit while maximizing the amount of malicious traffic we transmit.
Keywords: lossy compression, network intrusion detection, Kelly criterion, anomaly detection, data mining
Recommended Citation: Smith, S. C., Hammell II, R. J. (2017). Proposal for Kelly Criterion-Inspired Lossy Network Compression for Network Intrusion Applications. Journal of Information Systems Applied Research, 10(2) pp 43-51. http://jisar.org/2017-10/ ISSN: 1946-1836. (A preliminary version appears in The Proceedings of CONISAR 2016)
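The selection idea in the abstract can be sketched with the classic Kelly fraction f* = p - (1 - p)/b. This is an added illustration, not the paper's algorithm: treating the anomaly score as p, an analyst-assigned payoff as b, and scaling to a byte budget are assumptions, as are all names and the constructed sample sessions.

```python
from dataclasses import dataclass

@dataclass
class Session:
    sid: str       # hypothetical session label
    size: int      # bytes captured at the sensor
    p_mal: float   # estimated probability the session is malicious (assumed input)
    payoff: float  # b: value of forwarding malicious bytes per unit cost (assumed input)

def kelly_fraction(p: float, b: float) -> float:
    """Classic Kelly fraction f* = p - (1 - p) / b, clamped to [0, 1]."""
    if b <= 0:
        return 0.0
    return max(0.0, min(1.0, p - (1.0 - p) / b))

def plan_transmission(sessions, budget: int) -> dict:
    """Bytes of each session to forward to the central analysis point.

    Each session first gets size * f*. If the sensor's byte budget is
    exceeded, every allocation is scaled down proportionally, so sessions
    with a negative edge (f* <= 0) are never sent.
    """
    wanted = {s.sid: int(kelly_fraction(s.p_mal, s.payoff) * s.size)
              for s in sessions}
    total = sum(wanted.values())
    if total > budget:
        scale = budget / total
        wanted = {sid: int(n * scale) for sid, n in wanted.items()}
    return wanted

# Constructed sample sessions (not data from the paper).
SAMPLE = [
    Session("dns-lookup", 4000, 0.25, 2.0),        # low score: negative edge
    Session("ssh-odd-hours", 8000, 0.75, 2.0),     # f* = 0.625
    Session("http-large-post", 32000, 0.875, 4.0), # f* = 0.84375
]

if __name__ == "__main__":
    for budget in (100_000, 16_000):
        plan = plan_transmission(SAMPLE, budget)
        print(budget, plan, "total:", sum(plan.values()))
```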