• DocumentCode
    478463
  • Title

    A new statistical approach to network anomaly detection

  • Author

    Callegari, Christian ; Vaton, Sandrine ; Pagano, Michele

  • Author_Institution
    Dept. of Inf. Eng., Univ. of Pisa, Pisa
  • fYear
    2008
  • fDate
    16-18 June 2008
  • Firstpage
    441
  • Lastpage
    447
  • Abstract
    In the last few years, the number and impact of security attacks over the Internet have been continuously increasing. To face this issue, the use of Intrusion Detection Systems (IDSs) has emerged as a key element in network security. In this paper we address the problem considering a novel statistical technique for detecting network anomalies. Our approach is based on the use of different families of Markovian models (namely high order and non homogeneous Markov chains) for modeling network traffic running over TCP. The performance results shown in the paper, justify the proposed method and highlight the improvements over commonly used statistical techniques.
  • Keywords
    Internet; Markov processes; security of data; telecommunication security; telecommunication traffic; transport protocols; Internet; Markov chains; Markovian models; TCP; intrusion detection systems; network anomaly detection; network security; network traffic; security attacks; Computer science; Computer security; Electronic mail; Face detection; IP networks; Information security; Internet; Intrusion detection; Telecommunication traffic; Traffic control; High Order Markov Chain; Intrusion Detection System; Mixture Transition Model; Non-Homogeneous Markov Chain; statistical techniques.;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Performance Evaluation of Computer and Telecommunication Systems, 2008. SPECTS 2008. International Symposium on
  • Conference_Location
    Edinburgh
  • Print_ISBN
    978-1-56555-320-0
  • Type

    conf

  • Filename
    4667596
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=478463