{"title":"A new statistical method for detecting network anomalies in TCP traffic","authors":"C. Callegari, Sandrine Vaton, M. Pagano","doi":"10.1002/ett.1432","DOIUrl":null,"url":null,"abstract":"SUMMARY In the last few years, the number and impact of security attacks over the Internet have been continuously increasing. To face this issue, the use of Intrusion Detection Systems (IDSs) has emerged as a key element in network security. In this paper we address the problem considering a novel statistical technique for detecting network anomalies. Our approach is based on the use of different families of Markovian models, namely high order and non-homogeneous Markov chains, for modeling network traffic running over TCP. The performance results shown in the paper justify the proposed method and highlight the improvements over commonly used statistical techniques. Copyright © 2010 John Wiley & Sons, Ltd.","PeriodicalId":50473,"journal":{"name":"European Transactions on Telecommunications","volume":"1 1","pages":"575-588"},"PeriodicalIF":0.0000,"publicationDate":"2010-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"13","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"European Transactions on Telecommunications","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1002/ett.1432","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 13
一种检测TCP流量中网络异常的统计方法
在过去的几年里,互联网上的安全攻击的数量和影响都在不断增加。针对这一问题,使用入侵检测系统(ids)已成为网络安全的一个关键因素。在本文中,我们考虑一种新的统计技术来检测网络异常来解决这个问题。我们的方法是基于使用不同家族的马尔可夫模型,即高阶和非齐次马尔可夫链,用于在TCP上运行的网络流量建模。本文的性能结果证明了所提出的方法是正确的,并突出了对常用统计技术的改进。版权所有©2010 John Wiley & Sons, Ltd
本文章由计算机程序翻译,如有差异,请以英文原文为准。
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
