Title :
NEAR — Network extractor of anomaly records or traffic split-counting for anomaly detection
Author :
Vancea, Florin ; Vancea, Cristian
Author_Institution :
Comput. & Inf. Technol. Dept., Univ. of Oradea, Oradea, Romania
Abstract :
The availability of network communications may be affected or even disrupted by malicious actions or by unexpected usage conditions. The good health of systems connected to the network (or lack thereof) may also reflect on network usage patterns. In order to maintain proper functionality for a significantly large network domain, automated or semi-automated methods of anomaly detection are required and several systems have been developed so far. This paper presents NEAR, the feature collection part of such a system, aiming to detect abnormal conditions by collecting relevant traffic features in key points of the network before analyzing them using signal processing methods.
Keywords :
computer network reliability; computer networks; security of data; traffic; NEAR; abnormal conditions; anomaly detection; availability; computer networks; feature collection; malicious actions; network domain; network extractor of anomaly records; network usage patterns; semiautomated methods; signal processing methods; traffic features; traffic split-counting; Correlation; Feature extraction; Monitoring; Ports (Computers); Probes; Radiation detectors; Servers; client-server; correlation; darknet; intrusion detection; time-frequency domain; traffic features;
Conference_Title :
EUROCON, 2013 IEEE
Conference_Location :
Zagreb
Print_ISBN :
978-1-4673-2230-0
DOI :
10.1109/EUROCON.2013.6624966