Title :
Attack Detection based on Statistical Discriminators
Author :
Carmo, Marcus Fábio Fontenelle do ; Maia, José Everardo Bessa ; Holanda, Raimir ; De Sousa, José Neuman
Author_Institution :
Univ. of Fortaleza, Fortaleza
Abstract :
Attacks represent a serious threat to a network environment, and therefore need to be promptly detected. New attack types, of which detection systems may not even be aware, are the most difficult to detect. Currently, the available methods are mainly based on signature or learning algorithms and generally can not detect these new attacks. The approach presented here uses a small number of statistical discriminators and cluster analysis to detect attacks, obtaining results which are better than the results found in previous papers. Cluster analysis is a not supervised technique and, therefore, it is able to detect new attacks. We performed an empirical test using real traces.
Keywords :
computer networks; security of data; statistical analysis; telecommunication security; attack detection; cluster analysis; computer network security; data management; data security; detection systems; learning algorithms; network environment; signature algorithms; site security monitoring; statistical discriminators; Clustering algorithms; Computer network management; Computer science; Computer security; Data security; Event detection; Information security; Machine learning; Statistics; Telecommunication traffic; communication and information security; computer network security; data management; data security; site security monitoring;
Conference_Titel :
Global Information Infrastructure Symposium, 2007. GIIS 2007. First International
Conference_Location :
Marrakech
Print_ISBN :
978-1-4244-1375-1
Electronic_ISBN :
978-1-4244-1376-8
DOI :
10.1109/GIIS.2007.4404186
