Profiling Network Traffic Behavior for the purpose of Anomaly-based Intrusion Detection

被引:2
|
作者
Gill, Manmeet Singh [1 ]
Lindskog, Dale [1 ]
Zavarsky, Pavol [1 ]
机构
[1] Concordia Univ Edmonton, Dept Informat Syst Secur & Assurance Management, Edmonton, AB, Canada
来源
2018 17TH IEEE INTERNATIONAL CONFERENCE ON TRUST, SECURITY AND PRIVACY IN COMPUTING AND COMMUNICATIONS (IEEE TRUSTCOM) / 12TH IEEE INTERNATIONAL CONFERENCE ON BIG DATA SCIENCE AND ENGINEERING (IEEE BIGDATASE) | 2018年
关键词
NIDS; normal and abnormal behavior; profiling baseline; threshold; statistical Analysis; data sets; features; anomaly detection;
D O I
10.1109/TrustCom/BigDataSE.2018.00127
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
In this paper, we propose methods for profiling normal network traffic, methods that could be employed for the purpose of creating a baseline that would be used in the detection of threshold based anomalies in network traffic. This profiling is based on five proposed features of network traffic, and to illustrate, testing was done using recent and large data sets, and relying on various tools to statistically analyze network traffic. Although we have no pretensions of completeness, our results indicate that this is a promising approach to differentiate between normal and abnormal network traffic behavior, and therefore a promising contribution to anomaly based intrusion detection.
引用
收藏
页码:885 / 890
页数:6
相关论文
共 50 条
  • [1] ANOMALY-BASED NETWORK INTRUSION DETECTION METHODS
    Nevlud, Pavel
    Bures, Miroslav
    Kapicak, Lukas
    Zdralek, Jaroslav
    [J]. ADVANCES IN ELECTRICAL AND ELECTRONIC ENGINEERING, 2013, 11 (06) : 468 - 474
  • [2] Anomaly-Based Network Intrusion Detection System
    Villalba, L. J. G.
    Orozco, A. L. S.
    Vidal, J. M.
    [J]. IEEE LATIN AMERICA TRANSACTIONS, 2015, 13 (03) : 850 - 855
  • [3] LSTM for Anomaly-Based Network Intrusion Detection
    Althubiti, Sara A.
    Jones, Eric Marcell, Jr.
    Roy, Kaushik
    [J]. 2018 28TH INTERNATIONAL TELECOMMUNICATION NETWORKS AND APPLICATIONS CONFERENCE (ITNAC), 2018, : 293 - 295
  • [4] Measuring normality in HTTP traffic for anomaly-based intrusion detection
    Estévez-Tapiador, JM
    García-Teodoro, P
    Díaz-Verdejo, JE
    [J]. COMPUTER NETWORKS, 2004, 45 (02) : 175 - 193
  • [5] Anomaly-Based Network Intrusion Detection Using SVM
    Zhang, Yuan
    Yang, Qinghai
    Lambotharan, Sangarapillai
    Kyriakopoulos, Konstantinos
    Ghafir, Ibrahim
    AsSadhan, Basil
    [J]. 2019 11TH INTERNATIONAL CONFERENCE ON WIRELESS COMMUNICATIONS AND SIGNAL PROCESSING (WCSP), 2019,
  • [6] Anomaly-Based Network Intrusion Detection: An Outlier Detection Techniques
    Kumar, Neeraj
    Kumar, Upendra
    [J]. PROCEEDINGS OF THE EIGHTH INTERNATIONAL CONFERENCE ON SOFT COMPUTING AND PATTERN RECOGNITION (SOCPAR 2016), 2018, 614 : 262 - 269
  • [7] Deep and Machine Learning Approaches for Anomaly-Based Intrusion Detection of Imbalanced Network Traffic
    Abdulhammed, Razan
    Faezipour, Miad
    Abuzneid, Abdelshakour
    AbuMallouh, Arafat
    [J]. IEEE SENSORS LETTERS, 2019, 3 (01)
  • [8] Anomaly-based network intrusion detection: Techniques, systems and challenges
    Garcia-Teodoro, P.
    Diaz-Verdejo, J.
    Macia-Fernandez, G.
    Vazquez, E.
    [J]. COMPUTERS & SECURITY, 2009, 28 (1-2) : 18 - 28
  • [9] A Convolutional Neural Network for Improved Anomaly-Based Network Intrusion Detection
    Al-Turaiki, Isra
    Altwaijry, Najwa
    [J]. BIG DATA, 2021, 9 (03) : 233 - 252
  • [10] Adaptive anomaly-based intrusion detection system using genetic algorithm and profiling
    Alves Resende, Paulo Angelo
    Drummond, Andre Costa
    [J]. SECURITY AND PRIVACY, 2018, 1 (04):
12345