A New Anomaly Detection Method Based on IGTE and IGFE

Authors: Ziyu Wang, Jiahai Yang, Fuliang Li

DOI: 10.1007/978-3-319-23802-9_10

Abstract: Network anomalies have been a serious challenge for the Internet nowadays. In this paper, two new metrics, IGTE (Inter-group Traffic Entropy) and IGFE (Inter-group Flow Entropy), are proposed for network anomaly detection. It is observed that IGTE and IGFE are highly correlated and usually change synchronously when no anomaly occurs. However, once anomalies occur, the linear correlation would be destroyed. Based on this observation, we propose a regression model built upon IGTE and IGFE, to detect anomalies. We use both CERNET2 netflow data and synthetic data to validate its corresponding detection method. The results show that the regression-based method works well and outperforms known wavelet-based
