Back to Search
Start Over
A new statistical approach to network anomaly detection
- Source :
- SPECTS'08 : International Symposium on Performance Evaluation of Computer and Telecommunication Systems, SPECTS'08 : International Symposium on Performance Evaluation of Computer and Telecommunication Systems, Jun 2008, Edinburgh, United Kingdom. pp.441-447, Scopus-Elsevier
- Publication Year :
- 2008
- Publisher :
- HAL CCSD, 2008.
-
Abstract
- International audience; In the last few years, the number and impact of security attacks over the Internet have been continuously increasing. To face this issue, the use of Intrusion Detection Systems (IDSs) has emerged as a key element in network security. In this paper we address the problem considering a novel statistical technique for detecting network anomalies. Our approach is based on the use of different families of Markovian models (namely high order and non homogeneous Markov chains) for modeling network traffic running over TCP. The performance results shown in the paper, justify the proposed method and highlight the improvements over commonly used statistical techniques.
- Subjects :
- [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR]
[STAT.AP]Statistics [stat]/Applications [stat.AP]
[STAT.AP] Statistics [stat]/Applications [stat.AP]
Intrusion detection system
High order Markov chain
Non-homogeneous Markov chain
Mixture transition model
[INFO.INFO-CR] Computer Science [cs]/Cryptography and Security [cs.CR]
Computer Science::Cryptography and Security
Subjects
Details
- Language :
- English
- Database :
- OpenAIRE
- Journal :
- SPECTS'08 : International Symposium on Performance Evaluation of Computer and Telecommunication Systems, SPECTS'08 : International Symposium on Performance Evaluation of Computer and Telecommunication Systems, Jun 2008, Edinburgh, United Kingdom. pp.441-447, Scopus-Elsevier
- Accession number :
- edsair.dedup.wf.001..8c4952309777cc1e46955838f6829c1d