Title :
Multilayer packet tagging for network behaviour analysis
Author :
Deraman, Mohamad ; Desa, Jalil Md ; Othman, Zulaiha Ali
Author_Institution :
R&D Innovation Center, TM R&D Sdn Bhd, Cyberjaya, Malaysia
Abstract :
Network behaviour analysis (NBA) is a system that analyses the network data stream or packets characteristics. NBA commonly associated with network intrusion detection and prevention system (IDS/IPS), as the mechanism used in NBA is well known for its capability to discover the hidden information in network packets. Among popular methods empowered the NBA is misuse detection and anomaly detection techniques. Misuse detection is suitable for known attacks that already have list of actions to be taken based on historical events from past attacks. However, misuse detection is inefficient to deal with zero-day type of attack. This paper describes the concept of multilayer packet tagging approach that is possible to compliment the weaknesses found in misuse detection techniques in NBA system.
Keywords :
computer network security; NBA system; anomaly detection; misuse detection; multilayer packet tagging; network attack; network behaviour analysis; network data stream; network intrusion detection; network packet; network prevention system; packet characteristics; zero-day attack; Algorithm design and analysis; Artificial neural networks; Computers; anomaly detection; data mining; intrusion detection; misuse detection; network behaviour analysis;
Conference_Titel :
Information Technology (ITSim), 2010 International Symposium in
Conference_Location :
Kuala Lumpur
Print_ISBN :
978-1-4244-6715-0
DOI :
10.1109/ITSIM.2010.5561573
