Decentralized detection of network attacks through P2P data clustering of SNMP data. Issue 52 (July 2015)
- Record Type:
- Journal Article
- Title:
- Decentralized detection of network attacks through P2P data clustering of SNMP data. Issue 52 (July 2015)
- Main Title:
- Decentralized detection of network attacks through P2P data clustering of SNMP data
- Authors:
- Cerroni, Walter
Moro, Gianluca
Pasolini, Roberto
Ramilli, Marco
- Abstract:
- The goal of Network Intrusion Detection Systems (NIDSs) is to protect against attacks by inspecting network traffic packets, for instance, looking for anomalies and signatures of known attacks. This paper illustrates an approach to attack detection that analyzes just the standard statistics automatically generated by the Simple Network Management Protocol (SNMP) through unsupervised distributed data mining algorithms. We describe the design of a decentralized system composed of a peer-to-peer network of monitoring stations: each of them continuously gathers SNMP statistical observations about the network traffic and runs a distributed data clustering algorithm in cooperation with other stations. This progressively leads to the construction of a traffic model capable of detecting undergoing attacks on later observations, including potentially previously unknown attacks. To estimate the accuracy of the described system, we performed an extensive number of distributed data clustering processing on data sets of SNMP observations generated from real traffic.
- Is Part Of:
- Computers & security. Issue 52(2015)
- Journal:
- Computers & security
- Issue:
- Issue 52(2015)
- Issue Display:
- Volume 52, Issue 52 (2015)
- Year:
- 2015
- Volume:
- 52
- Issue:
- 52
- Issue Sort Value:
- 2015-0052-0052-0000
- Page Start:
- 1
- Page End:
- 16
- Publication Date:
- 2015-07
- Subjects:
- Network security -- NIDS -- SNMP -- Data mining -- Data clustering -- Peer-to-peer
Computer security -- Periodicals
Electronic data processing departments -- Security measures -- Periodicals
005.805
- Journal URLs:
- http://www.sciencedirect.com/science/journal/01674048
http://www.elsevier.com/journals
- DOI:
- 10.1016/j.cose.2015.03.006
- Languages:
- English
- ISSNs:
- 0167-4048
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library DSC - 3394.781000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store
- Ingest File:
- 7523.xml