Title :
Anomaly detection using digital signature of network segment with adaptive ARIMA model and Paraconsistent Logic
Author :
Pena, Eduardo H. M. ; Barbon, Sylvio ; Rodrigues, Joel J. P. C. ; Lemes Proenca Junior, Mario
Author_Institution :
Comput. Sci. Dept., State Univ. of Londrina, Londrina, Brazil
Abstract :
Detecting anomalies accurately in network traffic behavior is essential for a variety of network management and security tasks. This paper presents an anomaly detection approach employing Digital Signature of Network Segment using Flow Analysis (DSNSF), generated with an ARIMA model. Also, a functional algorithm based on a non-classical logic called Paraconsistent Logic is proposed aiming to avoid high false alarms rates. The key idea of the proposed approach is to characterize the normal behavior of network traffic and then identify the traffic patterns behavior that might harm networks services. Experimental results on a real network demonstrate the effectiveness the proposed approach. The results are promising, showing that the flow analysis performed is able to detect anomalous traffic with precision, sensitivity and good performance.
Keywords :
autoregressive moving average processes; digital signatures; DSNSF; adaptive ARIMA model; anomaly detection; digital signature of network segment using flow analysis; network management; network traffic behavior; paraconsistent logic; traffic patterns behavior; Analytical models; Autoregressive processes; Correlation; Data models; Digital signatures; Equations; Mathematical model;
Conference_Titel :
Computers and Communication (ISCC), 2014 IEEE Symposium on
Conference_Location :
Funchal
DOI :
10.1109/ISCC.2014.6912503
