Title :
Detecting anomalous network traffic in organizational private networks
Author_Institution :
NATO Cooperative Cyber Defence Centre of Excellence, Tallinn, Estonia
Abstract :
During the last decade, network monitoring and intrusion detection have become essential techniques of cyber security. Nowadays, many institutions are using advanced solutions for detecting malicious network traffic, discovering network anomalies, and preventing cyber attacks. However, most research in this area has not been conducted specifically for organizational private networks, and their special properties have not been considered. In this paper, we first present a study of traffic patterns in a corporate private network, and then propose two novel algorithms for detecting anomalous network traffic and node behavior in such networks.
Keywords :
computer network security; virtual private networks; anomalous network traffic detection; corporate private network; cyber attack; cyber security; intrusion detection; network monitoring; node behavior; organizational private network; Clustering algorithms; IP networks; Monitoring; Ports (Computers); Servers; Telecommunication traffic; Transport protocols; cyber security; network anomaly detection; network forensics; network monitoring;
Conference_Title :
Cognitive Methods in Situation Awareness and Decision Support (CogSIMA), 2013 IEEE International Multi-Disciplinary Conference on
Conference_Location :
San Diego, CA
Print_ISBN :
978-1-4673-2437-3
DOI :
10.1109/CogSIMA.2013.6523859