Title :
Dynamic modeling of Internet traffic for intrusion detection
Author :
Jonckheere, E. ; Shah, K. ; Bohacek, S.
Author_Institution :
Univ. of Southern California, Los Angeles, CA, USA
Abstract :
Computer network traffic is analyzed via state space models and statistical techniques such as linear and nonlinear canonical correlation analyses and mutual information. As an application, the models and the statistical techniques are utilized to detect UDP flooding attacks. This work indicates that mutual information is a powerful tool for the detection of such attacks. Our approach is topology independent and our findings are tested on the so-called dumbbell and parking-lot topologies.
Keywords :
Internet; computer crime; correlation methods; state-space methods; statistical analysis; telecommunication traffic; Internet traffic; UDP flooding attacks; computer network traffic analysis; dumbbell topology; dynamic modeling; intrusion detection; linear canonical correlation analyses; mutual information; nonlinear canonical correlation analyses; parking-lot topology; state space models; statistical techniques; topology independent approach; Application software; Computer networks; Information analysis; Internet; Intrusion detection; Mutual information; State-space methods; Telecommunication traffic; Topology; Traffic control;
Conference_Title :
American Control Conference, 2002. Proceedings of the 2002
Print_ISBN :
0-7803-7298-0
DOI :
10.1109/ACC.2002.1024008