JISAR

Journal of Information Systems Applied Research

Volume 10

V10 N2 Pages 43-51

August 2017


Proposal for Kelly Criterion-Inspired Lossy Network Compression for Network Intrusion Applications


Sidney Charles Smith
US Army Research Laboratory
Aberdeen Proving Ground, MD 21005, USA

Robert J. Hammell II
Towson University
Towson, MD 21252, USA


Abstract: This paper describes a proposal for a Kelly criterion inspired compression algorithm to be used in distributed network intrusion detection applications. Kelly's algorithm instructs a gambler how much to bet based upon the chance of winning and the potential payoff. There has been a significant amount of research into anomaly detection algorithms that will provide some indications of the maliciousness of a network session. We propose to combine expert knowledge, data mining, and best of breed anomaly detection algorithms to determine the likelihood that a session is malicious. Further, we propose using a Kelly criterion inspired algorithm to select which sessions and how much of each session to transmit. We expect that this will minimize the total amount of traffic we transmit while maximizing the amount of malicious traffic we transmit.

Keywords: lossy compression, network instrusion detection, Kelly criterion, anomaly detection, Data Mining

Download this article: JISAR - V10 N2 Page 43.pdf


Recommended Citation: Smith, S. C., Hammell II, R. J. (2017). Proposal for Kelly Criterion-Inspired Lossy Network Compression for Network Intrusion Applications. Journal of Information Systems Applied Research, 10(2) pp 43-51. http://jisar.org/2017-10/ ISSN: 1946-1836. (A preliminary version appears in The Proceedings of CONISAR 2016)