Title :
Performance Evaluation of the Information Sink in a Multi-Probe Statistical Anomaly Detection System
Author :
Zinner, Thomas ; Staehle, Dirk ; Tran-Gia, Phuoc ; Mäder, Andreas ; Tutschku, Kurt
Author_Institution :
Dept. of Distrib. Syst., Univ. of Wuerzburg, Wurzburg
Abstract :
Statistical anomaly detection (SAD) is becoming an increasingly important tool for the early recognition of potential threats to security-relevant information systems. SAD systems rely heavily on the probing of potentially very large networks. Our contribution is an analysis of the resource requirements on the information sink, which constitutes the bottleneck of Client/Server-based SAD systems. In order to dimension the system appropriately, we investigate the trade-off between accumulated and distributed arrival patterns, and the impact of the processing phase of the information sink.
Keywords :
information systems; security of data; Client-Server-based SAD systems; accumulated arrival patterns; distributed arrival patterns; information sink; multiprobe statistical anomaly detection system; security-relevant information systems; Computer science; Event detection; Fluid flow measurement; Information analysis; Information systems; Monitoring; Network servers; Performance evaluation; Probes; Web server;
Conference_Title :
Telecommunication Networks and Applications Conference, 2008. ATNAC 2008. Australasian
Conference_Location :
Adelaide, SA
Print_ISBN :
978-1-4244-2602-7
Electronic_ISBN :
978-1-4244-2603-4
DOI :
10.1109/ATNAC.2008.4783291