Title :
Attack detection in large networks
Author :
May, Jack ; Peterson, Jim ; Bauman, J.
Author_Institution :
TRW Inc., Sunnyvale, CA, USA
Abstract :
Attacks on large networks are detected using their inherent statistical characteristics. Emphasis is on detecting attacks on the network instead of attacks on computers attached to the network. Denial-of-Service (DoS) attacks and attacks on network components such as routers are detected. A high-speed self-organizing system TCP/IP network simulation was developed to implement DoS attacks. N-gram algorithms were developed to detect anomalous operation of individual network nodes. Plans for algorithm development and testing on a large real network are presented
Keywords :
Internet; computer network management; security of data; statistical analysis; telecommunication security; DoS attacks; Internet; N-gram algorithms; algorithm development; anomalous operation; attack detection; denial-of-service attacks; high-speed self-organizing system TCP/IP network simulation; large networks; large real network; network components; routers; statistical characteristics; Computer crime; Computer networks; Fractals; Frequency; IP networks; Intelligent networks; Interconnected systems; Lifting equipment; Statistical distributions; TCPIP;
Conference_Titel :
DARPA Information Survivability Conference & Exposition II, 2001. DISCEX '01. Proceedings
Conference_Location :
Anaheim, CA
Print_ISBN :
0-7695-1212-7
DOI :
10.1109/DISCEX.2001.932188
