Title :
A Danger-Theory-Based Abnormal Traffic Detection Model in Local Network
Author :
Xiuying, Wang ; Lizhong, Xiao ; Zhiqing, Shao
Author_Institution :
Sch. of Inf. Sci. & Eng., East China Univ. of Sci. & Technol., Shanghai
Abstract :
To address the problem of abnormal traffic, including Internet worms and P2P downloading, occupying the LAN's bandwidth, this paper presents a danger-theory-based model for detecting anomalous traffic in a LAN. Definitions are given for the terms dangerous signal, antigens, antibodies and memory antibodies. In addition, the matching rule between antigen and antibody is improved. Experiments show the outstanding performance of the proposed model in real-time property, high detection rate and unsupervised learning.
Keywords :
Internet; invasive software; local area networks; peer-to-peer computing; real-time systems; telecommunication traffic; unsupervised learning; Internet worm; LAN bandwidth; P2P downloading; anomaly traffic; danger-theory-based abnormal traffic detection model; detection rate; real-time property; unsupervised learning; Bandwidth; Communication system traffic control; Computer science; Computer worms; IP networks; Immune system; Local area networks; Monitoring; Telecommunication traffic; Traffic control; abnormal traffic; danger theory; information entropy;
Conference_Title :
Computer Science and Software Engineering, 2008 International Conference on
Conference_Location :
Wuhan, Hubei
Print_ISBN :
978-0-7695-3336-0
DOI :
10.1109/CSSE.2008.913