Network anomaly detection based on probabilistic analysis

Cited by: 5
Authors
Park, JinSoo [1]
Choi, Dong Hag [1]
Jeon, You-Boo [1]
Nam, Yunyoung [2]
Hong, Min [3]
Park, Doo-Soon [3]
Affiliations
[1] Soon Chun Hyang Univ, Wellness Coaching Serv Res Ctr, RM U1202,22 Soonchunhyangro, Asan, Choongcheongnam, South Korea
[2] Soon Chun Hyang Univ, Dept Comp Engn, Asan, Choongcheongnam, South Korea
[3] Soon Chun Hyang Univ, Dept Comp Software Engn, Asan, Choongcheongnam, South Korea
Keywords
Anomaly detection; Network intrusion; Traffic flood; DDoS attacks; Mahalanobis distance; INTRUSION DETECTION; MODEL; PARALLEL;
DOI
10.1007/s00500-017-2679-3
Chinese Library Classification number
TP18 [Artificial intelligence theory];
Subject classification codes
081104 ; 0812 ; 0835 ; 1405 ;
Abstract
In this paper, we propose a method to detect network intrusions using an anomaly detection technique based on probabilistic analysis. Victims' computers under attack show various symptoms such as degradation of TCP throughput, increase in CPU usage, increased round trip time, frequent disconnection from Web sites, etc. These symptoms can be used as components to construct the k-dimensional feature space of a multivariate normal distribution, in which case an anomaly detection method can be applied for the detection of the attack on the distribution. These features are generally highly correlated. Thus we choose only a few of these features for the anomaly detection in the multivariate normal distribution. We use the Mahalanobis distance to detect the anomalies for each data point, normal and abnormal. Anomalies are identified when the square root of their Mahalanobis distance exceeds a certain threshold. A detailed description of the threshold setting and the various experiments are discussed in the simulation results.
Pages: 6621 / 6627
Number of pages: 7
Related papers
50 in total
  • [31] Network anomaly detection through nonlinear analysis
    Palmieri, Francesco
    Fiore, Ugo
    COMPUTERS & SECURITY, 2010, 29 (07) : 737 - 755
  • [32] Network Traffic Monitoring, Analysis and Anomaly Detection
    Wang, Wei
    Zhang, Xiangliang
    Shi, Wenchang
    Lian, Shiguo
    Feng, Dengguo
    IEEE NETWORK, 2011, 25 (03) : 6 - 7
  • [33] Feature Transfer Based Network Anomaly Detection
    Chen, Tao
    Wen, Kun
    SCIENCE OF CYBER SECURITY, SCISEC 2022, 2022, 13580 : 155 - 169
  • [34] Entropy-Based Anomaly Detection in a Network
    Shukla, Ajay Shankar
    Maurya, Rohit
    WIRELESS PERSONAL COMMUNICATIONS, 2018, 99 (04) : 1487 - 1501
  • [35] Entropy Based Method for Network Anomaly Detection
    Quan, Qian
    Hong-Yi, Che
    Rui, Zhang
    IEEE 15TH PACIFIC RIM INTERNATIONAL SYMPOSIUM ON DEPENDABLE COMPUTING, PROCEEDINGS, 2009, : 189 - 191
  • [36] Network Anomaly Detection based on Traffic Prediction
    Wang, Fengyu
    Gong, Bin
    Hu, Yi
    Zhang, Ningbo
    2009 INTERNATIONAL CONFERENCE ON SCALABLE COMPUTING AND COMMUNICATIONS & EIGHTH INTERNATIONAL CONFERENCE ON EMBEDDED COMPUTING, 2009, : 449 - 454
  • [37] Entropy-based Network Anomaly Detection
    Callegari, Christian
    Giordano, Stefano
    Pagano, Michele
    2017 INTERNATIONAL CONFERENCE ON COMPUTING, NETWORKING AND COMMUNICATIONS (ICNC), 2016, : 334 - 340
  • [38] Autoencoder-based Network Anomaly Detection
    Chen, Zhaomin
    Yeo, Chai Kiat
    Lee, Bu Sung
    Lau, Chiew Tong
    2018 WIRELESS TELECOMMUNICATIONS SYMPOSIUM (WTS), 2018,
  • [39] Entropy-Based Anomaly Detection in a Network
    Ajay Shankar Shukla
    Rohit Maurya
    Wireless Personal Communications, 2018, 99 : 1487 - 1501
  • [40] Payload Content based Network Anomaly Detection
    Thorat, Sandeep A.
    Khandelwal, Amit K.
    Bruhadeshwar, Bezawada
    Kishore, K.
    2008 FIRST INTERNATIONAL CONFERENCE ON THE APPLICATIONS OF DIGITAL INFORMATION AND WEB TECHNOLOGIES, VOLS 1 AND 2, 2008, : 134 - 139