• DocumentCode
    1092624
  • Title

    Detecting anomalies in network traffic using the method of remaining elements

  • Author

    Velarde-Alvarado, P. ; Vargas-Rosales, C. ; Torres-Roman, D. ; Martinez-Herrera, A.

  • Author_Institution
    Autonomous Univ. of Nayarit, Nayarit
  • Volume
    13
  • Issue
    6
  • fYear
    2009
  • fDate
    6/1/2009 12:00:00 AM
  • Firstpage
    462
  • Lastpage
    464
  • Abstract
    Attacks, such as port scans, DDoS and worms, threaten the functionality and reliability of IP networks. Early and accurate detection is crucial to mitigate their impact. We use the Method of Remaining Elements (MRE) to detect anomalies based on the characterization of traffic features through a proportional uncertainty measure. MRE has the functionality and performance to detect abnormal behavior and serve as the foundation for next generation network intrusion detection systems.
  • Keywords
    IP networks; security of data; telecommunication network management; telecommunication security; telecommunication traffic; IP network attack; network intrusion detection; network traffic anomaly; remaining elements; Entropy; Feature extraction; IP networks; Intelligent networks; Intrusion detection; Measurement uncertainty; Next generation networking; Telecommunication traffic; Time measurement; Upper bound; Anomaly detection, traffic anomalies, entropy based intrusion detection;
  • fLanguage
    English
  • Journal_Title
    Communications Letters, IEEE
  • Publisher
    ieee
  • ISSN
    1089-7798
  • Type

    jour

  • DOI
    10.1109/LCOMM.2009.090689
  • Filename
    5090437
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=1092624