In the present network security management, improvements in the performances of Intrusion Detection Systems(IDSs) are strongly desired. In this paper, we propose a network anomaly detection technique which can learn a state of network traffic based on per-flow and per-service statistics. These statistics consist of service request frequency, characteristics of a flow and code histogram of payloads. In this technique, we achieve an effective definition of the network state by observing the network traffic according to service. Moreover, we conduct a set of experiments to evaluate the performance of the proposed scheme and compare with those of other techniques.
Weitere Kapitel dieses Buchs durch Wischen aufrufen
- A New Network Anomaly Detection Technique Based on Per-Flow and Per-Service Statistics
- Springer Berlin Heidelberg