Title :
Worm Intrusion Alarm Modeling Based on Network Traffic Character
Author :
Guang, Lu ; Fei, Yu ; Yue, Guangxue ; Zhu, Miaoliang
Author_Institution :
Inst. of Artificial Intelligence, Zhejiang Univ.
Abstract :
The research community is interested in finding effective methods to detect network traffic anomalies such as the propagation of a new worm, and to raise alarm in time. In this paper we research the principle that the number of network traffic can affect self-similarity of network traffics, and analyze the variety of self-similarity caused by abnormal network traffic. We propose a network traffic model on normal behaviors of users. An approach, which is applied to determine whether or not abnormal network traffic exists by comparing Hurst parameter with predefined threshold, is also presented. At last, implementation of network worm detecting agent in NP is described. Results of evaluation show that detecting agent performs very well in test-bed
Keywords :
computer networks; invasive software; telecommunication security; telecommunication traffic; network traffic model character; network worm detection agent; self-similar network traffic anomalies; worm intrusion alarm modeling; Artificial intelligence; Autocorrelation; Computer networks; Computer worms; FCC; IP networks; Information security; Laboratories; Telecommunication traffic; Traffic control; Intrusion Alarm; Network Traffic Character; Self-Similarity; Worm;
Conference_Titel :
Computer and Computational Sciences, 2006. IMSCCS '06. First International Multi-Symposiums on
Conference_Location :
Hanzhou, Zhejiang
Print_ISBN :
0-7695-2581-4
DOI :
10.1109/IMSCCS.2006.287
