Title :
A Network Misuse Detection Mechanism Based on Traffic Log
Author :
Yang, Yahui ; Huang, Chunfang ; Qin, Zhijing
Author_Institution :
Sch. of Software & Microelectron., Peking Univ., Beijing
Abstract :
Setting up a large number of network connections and using up a lot of bandwidth are usually regarded as a network misuse behavior. It is significance for the network supervision to find and recognize these behaviors timely and correctly. This paper proposes a network misuse detection mechanism based on traffic log, combining the payload independent traffic classification technology. Through this mechanism, we can complete the selection of behavior features, and overcome the problems for both sample insufficiency and adaptability by using collaborative learning method. The experiment result shows that the method can separate 99% of the normal types from the misuse types, and the recognition rate of various misuse types can reach 80% or so, even be above 90% for some misuse types, which meets the application demand.
Keywords :
peer-to-peer computing; telecommunication traffic; network connections; network misuse detection mechanism; network supervision; payload independent traffic classification technology; traffic log; Bandwidth; Collaborative work; Computer networks; Microelectronics; Payloads; Peer to peer computing; Protocols; Statistics; Telecommunication traffic; Wireless communication; behavior feature; collaborative learning; network misuse; traffic log;
Conference_Titel :
Networks Security, Wireless Communications and Trusted Computing, 2009. NSWCTC '09. International Conference on
Conference_Location :
Wuhan, Hubei
Print_ISBN :
978-1-4244-4223-2
DOI :
10.1109/NSWCTC.2009.237
