A Network Misuse Detection Mechanism Based on Traffic Log

Author

Yang, Yahui ; Huang, Chunfang ; Qin, Zhijing

Author_Institution

Sch. of Software & Microelectron., Peking Univ., Beijing

Volume

1

fYear

2009

fDate

25-26 April 2009

Firstpage

526

Lastpage

529

Abstract

Setting up a large number of network connections and using up a lot of bandwidth are usually regarded as a network misuse behavior. It is significance for the network supervision to find and recognize these behaviors timely and correctly. This paper proposes a network misuse detection mechanism based on traffic log, combining the payload independent traffic classification technology. Through this mechanism, we can complete the selection of behavior features, and overcome the problems for both sample insufficiency and adaptability by using collaborative learning method. The experiment result shows that the method can separate 99% of the normal types from the misuse types, and the recognition rate of various misuse types can reach 80% or so, even be above 90% for some misuse types, which meets the application demand.

Keywords

peer-to-peer computing; telecommunication traffic; network connections; network misuse detection mechanism; network supervision; payload independent traffic classification technology; traffic log; Bandwidth; Collaborative work; Computer networks; Microelectronics; Payloads; Peer to peer computing; Protocols; Statistics; Telecommunication traffic; Wireless communication; behavior feature; collaborative learning; network misuse; traffic log;

fLanguage

English

Publisher

ieee

Conference_Titel

Networks Security, Wireless Communications and Trusted Computing, 2009. NSWCTC '09. International Conference on

Conference_Location

Wuhan, Hubei

Print_ISBN

978-1-4244-4223-2

Type

conf

DOI

10.1109/NSWCTC.2009.237

Filename

4908320