Anomaly detection using digital signature of network segment with adaptive ARIMA model and Paraconsistent Logic

Author

Pena, Eduardo H. M. ; Barbon, Sylvio ; Rodrigues, Joel J. P. C. ; Lemes Proenca Junior, Mario

Author_Institution

Comput. Sci. Dept., State Univ. of Londrina, Londrina, Brazil

fYear

2014

fDate

23-26 June 2014

Firstpage

1

Lastpage

6

Abstract

Detecting anomalies accurately in network traffic behavior is essential for a variety of network management and security tasks. This paper presents an anomaly detection approach employing Digital Signature of Network Segment using Flow Analysis (DSNSF), generated with an ARIMA model. Also, a functional algorithm based on a non-classical logic called Paraconsistent Logic is proposed aiming to avoid high false alarms rates. The key idea of the proposed approach is to characterize the normal behavior of network traffic and then identify the traffic patterns behavior that might harm networks services. Experimental results on a real network demonstrate the effectiveness the proposed approach. The results are promising, showing that the flow analysis performed is able to detect anomalous traffic with precision, sensitivity and good performance.

Keywords

autoregressive moving average processes; digital signatures; DSNSF; adaptive ARIMA model; anomaly detection; digital signature of network segment using flow analysis; network management; network traffic behavior; paraconsistent logic; traffic patterns behavior; Analytical models; Autoregressive processes; Correlation; Data models; Digital signatures; Equations; Mathematical model;

fLanguage

English

Publisher

ieee

Conference_Titel

Computers and Communication (ISCC), 2014 IEEE Symposium on

Conference_Location

Funchal

Type

conf

DOI

10.1109/ISCC.2014.6912503

Filename

6912503