Volume Based Anomaly Detection using LRD Analysis of Decomposed Network Traffic

Cited by: 0
Authors
Zeb, Khan [1]
AsSadhan, Basil [1]
Al-Muhtadi, Jalal [2]
Alshebeili, Saleh [1, 3]
Bashaiwth, Abdulmuneem [1]
Affiliations
[1] King Saud Univ, Dept Elect Engn, Coll Engn, Riyadh, Saudi Arabia
[2] King Saud Univ, Dept Comp Sci, Coll Comp & Informat Sc, Riyadh, Saudi Arabia
[3] King Saud Univ, KACST TIC RF & Photon E Soc RFTONICS, Riyadh, Saudi Arabia
Keywords
LRD; self-similarity; traffic analysis; control and data planes traffic; anomaly detection; Optimization method; SELF-SIMILARITY; BEHAVIOR;
DOI
Not available
Chinese Library Classification (CLC) number
TP301 [Theory, Methods];
Subject classification code
081202;
Abstract
Network traffic intrusions increase day by day in computer systems. This poses major security threats to computer networks. In this paper, we present an effective approach for anomaly detection in network traffic. We investigate the long-range dependence (LRD) behavior of decomposed network traffic subgroups in different directions with respect to the enterprise network. If the network traffic exhibits LRD behavior during normal conditions, then deviation from this property can indicate an abnormality in the traffic. We analyze and evaluate recent Internet traffic captured at King Saud University (KSU). The results and analysis of the proposed approach show that the presence of short duration anomalies affects the LRD behavior of certain traffic subgroups, namely the subgroups in the control plane traffic, while the aggregated whole traffic still exhibits LRD. These results show how this approach significantly reduces the amount of traffic to analyze, and more importantly it can detect abnormal behavior that is not detected when looking at the traffic as a whole.
Pages: 52 / 57
Number of pages: 6
Related papers
50 in total
  • [1] Anomaly Detection Based on LRD Behavior Analysis of Decomposed Control and Data Planes Network Traffic Using SOSS and FARIMA Models
    AsSadhan, Basil
    Zeb, Khan
    Al-Muhtadi, Jalal
    Alshebeili, Saleh
    IEEE ACCESS, 2017, 5 : 13501 - 13519
  • [2] Anomaly detection of excessive network traffic based on ratio and volume analysis
    Kim, Hyun Joo
    Na, Jung C.
    Jang, Jong S.
    INTELLIGENCE AND SECURITY INFORMATICS, PROCEEDINGS, 2006, 3975 : 726 - 727
  • [3] Network Traffic Anomaly Detection based on Ratio and Volume
    Kim, Hyun Joo
    Na, Jung C.
    Jang, Jong S.
    INTERNATIONAL JOURNAL OF COMPUTER SCIENCE AND NETWORK SECURITY, 2006, 6 (5B) : 190 - 193
  • [4] Network Traffic Anomaly Detection Based on Wavelet Analysis
    Du, Zhen
    Ma, Lipeng
    Li, Huakang
    Li, Qun
    Sun, Guozi
    Liu, Zichang
    2018 IEEE/ACIS 16TH INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING RESEARCH, MANAGEMENT AND APPLICATION (SERA), 2018, : 94 - 101
  • [5] Network Traffic Analysis based on Collective Anomaly Detection
    Ahmed, Mohiuddin
    Mahmood, Abdun Naser
    PROCEEDINGS OF THE 2014 9TH IEEE CONFERENCE ON INDUSTRIAL ELECTRONICS AND APPLICATIONS (ICIEA), 2014, : 1141 - 1146
  • [6] Anomaly Detection using Wavelet-Based Estimation of LRD in Packet and Byte Count of Control Traffic
    Zeb, Khan
    AsSadhan, Basil
    Al-Muhtadi, Jalal
    Alshebeili, Saleh
    2016 7TH INTERNATIONAL CONFERENCE ON INFORMATION AND COMMUNICATION SYSTEMS (ICICS), 2016, : 316 - 321
  • [7] Detection of network traffic anomaly based on instantaneous parameters analysis
    Yao, Xingmiao
    Zhang, Peng
    Gao, Jie
    Hu, Guangmin
    2006 10TH INTERNATIONAL CONFERENCE ON COMMUNICATION TECHNOLOGY, VOLS 1 AND 2, PROCEEDINGS, 2006, : 336 - +
  • [8] USING R FOR ANOMALY DETECTION IN NETWORK TRAFFIC
    Hock, Denis
    Kappes, Martin
    PROCEEDINGS OF THE FIFTH INTERNATIONAL CONFERENCE ON INTERNET TECHNOLOGIES AND APPLICATIONS (ITA 13), 2013, : 98 - 105
  • [9] Analysis of network traffic features for anomaly detection
    Iglesias, Felix
    Zseby, Tanja
    MACHINE LEARNING, 2015, 101 (1-3) : 59 - 84
  • [10] Analysis of network traffic features for anomaly detection
    Félix Iglesias
    Tanja Zseby
    Machine Learning, 2015, 101 : 59 - 84