• DocumentCode
    1890099
  • Title

    Using adaptive lossless compression to characterize network traffic

  • Author

    Benson, Karyn ; Marvel, Lisa M.

  • Author_Institution
    U.S. Army Res. Lab., Adelphi, MD
  • fYear
    2009
  • fDate
    18-20 March 2009
  • Firstpage
    276
  • Lastpage
    277
  • Abstract
    Detecting anomalies in network traffic is a challenging task, not only because of the inherent difficulty of identifying anomalies such as intrusions but also because of the sheer volume of data. In this paper, we attempt to extend existing work in the field of steganalysis to the problem of detecting anomalies in network traffic. By losslessly compressing network traffic using an adaptive compression algorithm, we postulate that it is possible to characterize normal network traffic. Once typical traffic has been defined, it is possible to identify anomalous traffic as the traffic that does not compress well.
  • Keywords
    data compression; security of data; steganography; telecommunication security; telecommunication traffic; adaptive lossless compression algorithm; anomaly detection; network traffic; steganalysis; Compression algorithms; Compressors; Dictionaries; Image coding; Intrusion detection; Laboratories; Resource management; Steganography; Telecommunication traffic; Traffic control;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Information Sciences and Systems, 2009. CISS 2009. 43rd Annual Conference on
  • Conference_Location
    Baltimore, MD
  • Print_ISBN
    978-1-4244-2733-8
  • Electronic_ISBN
    978-1-4244-2734-5
  • Type

    conf

  • DOI
    10.1109/CISS.2009.5054730
  • Filename
    5054730
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=1890099