An Adaptive Approach to Granular Real-Time Anomaly Detection. (15th February 2009)
- Record Type:
- Journal Article
- Title:
- An Adaptive Approach to Granular Real-Time Anomaly Detection. (15th February 2009)
- Main Title:
- An Adaptive Approach to Granular Real-Time Anomaly Detection
- Authors:
- Huang, Chin-Tser
Janies, Jeff
- Other Names:
- Huang Polly Academic Editor.
- Abstract:
- Anomaly-based intrusion detection systems have the ability to detect novel attacks, but when applied in real-time detection, they face the challenges of producing many false alarms and failing to match with the high speed of modern networks due to their computationally demanding algorithms. In this paper, we present Fates, an anomaly-based NIDS designed to alleviate the two challenges. Fates views the monitored network as a collection of individual hosts instead of as a single autonomous entity and uses a dynamic, individual threshold for each monitored host, such that it can differentiate between characteristics of individual hosts and can independently assess their threat to the network. Each packet to and from a monitored host is analyzed with an adaptive and efficient charging scheme that considers the packet type, number of occurrences, source, and destination. The resulting charge is applied to the individual host's threat assessment, providing pinpointed analysis of anomalous activities. We use various datasets to validate Fates' ability to distinguish scanning behavior from benign traffic in real time.
- Is Part Of:
- EURASIP journal on advances in signal processing. Volume 2009(2009)
- Journal:
- EURASIP journal on advances in signal processing
- Issue:
- Volume 2009(2009)
- Issue Display:
- Volume 2009, Issue 2009 (2009)
- Year:
- 2009
- Volume:
- 2009
- Issue:
- 2009
- Issue Sort Value:
- 2009-2009-2009-0000
- Page Start:
- Page End:
- Publication Date:
- 2009-02-15
- Subjects:
- Signal processing -- Periodicals
Traitement du signal
Signal processing
Periodicals
621.3822
- Journal URLs:
- https://asp-eurasipjournals.springeropen.com/
http://link.springer.com/
http://www.hindawi.com/journals/asp/
- DOI:
- 10.1155/2009/589413
- Languages:
- English
- ISSNs:
- 1687-6172
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store
- Ingest File:
- 10299.xml