Title :
E-Alarm: An Anomaly Detection System on Large Network
Author :
Sun, Min ; Wang, Yuanzhi ; Luo, Yun
Author_Institution :
Sch. of Comput. Sci. & Technol., SouthWest Univ. of Sci. & Technol., Mianyang, China
Abstract :
In recent years, several worms have attacked the Internet and caused serious global damage. We consider that if we can detect a worm in its early spreading stage and immediately apply an access control policy on the related routers, the disaster may be alleviated or even avoided. E-Alarm makes use of network topology information, analyzes anomaly alarms using a clustering method, and gives an access control policy according to the result of the analysis. Our simulation results indicate that the E-Alarm system can indeed detect and control the anomaly caused by worms in their early spreading period. The experimental results clearly demonstrate the efficiency of our approach in improving the accuracy of the intrusion detection and decision process.
Keywords :
Internet; authorisation; invasive software; pattern clustering; telecommunication network routing; telecommunication network topology; telecommunication security; Internet; access control; anomaly detection system; clustering method; decision process; e-alarm system; intrusion detection; large network topology; network router; worm detection; Access control; Bayesian methods; Computer science; Computer worms; Event detection; Information analysis; Intrusion detection; Network topology; Telecommunication traffic; Wide area networks; Detection System; E-Alarm; Large Network;
Conference_Title :
Artificial Intelligence, 2009. JCAI '09. International Joint Conference on
Conference_Location :
Hainan Island
Print_ISBN :
978-0-7695-3615-6
DOI :
10.1109/JCAI.2009.197