Port-based traffic verification as a paradigm for anomaly detection

Authors: Vadiraj Panchamukhi, Hema A. Murthy

DOI: 10.1109/NCC.2012.6176909

Keywords:

Abstract: An anomaly is an activity that deviates from the well-known behaviour of the system. Anomaly detection in networks is of interest from two perspectives: the organization's perspective and the Internet Service Provider's (ISP) perspective. Protection of its computer network infrastructure is an important task for all organizations. Organizations desire that their networks are robust and resilient to any kind of attack. Anomaly detection forms a part of this resiliency. Also, ISPs want to maximize the utilization of network resources. Hence an ISP would be interested to know of a network resource failure immediately so as to correct the problem. ISPs are also interested in safeguarding network resources from malicious activities. We describe here a Gaussian Mixture Model (GMM)-based traffic verification system as a paradigm for anomaly detection. The characteristics of traffic aggregated over a period of time are given to the model to verify the validity of the traffic. If the traffic does not obey the model, then we raise an alarm flagging it as an anomaly. Our results show that the system performs with less than 1% misses and false alarms.
