Chonho Lee, Liu Yi, Li Tan, Weihan Goh, Bu-Sung Lee, C. Yeo
Published in: 2014 IEEE 6th International Conference on Cloud Computing Technology and Science, 2014-12-15. DOI: 10.1109/CLOUDCOM.2014.78 (https://doi.org/10.1109/CLOUDCOM.2014.78)
A Wavelet Entropy-Based Change Point Detection on Network Traffic: A Case Study of Heartbleed Vulnerability
This paper investigates network traffic before and after the Heartbleed vulnerability became a public issue, around March to May 2014. To detect anomalies and potential threats due to the vulnerability, a wavelet entropy-based change-point detection method is proposed and compared with three other methods: prediction-based, clustering-based and Fourier transform-based. We show that the proposed wavelet entropy-based method outperforms the others in terms of ease of parameter setting, false alarms and detection accuracy. Using the proposed method and a visualization tool, we have studied the Heartbleed vulnerability and successfully captured changes in packet volume and flow.