Published in: Journal of Network and Systems Management 2/2007

01.06.2007

Anomaly Detection Aiming Pro-Active Management of Computer Network Based on Digital Signature of Network Segment

Written by: Bruno Bogaz Zarpelão, Leonardo de Souza Mendes, Mario Lemes Proença Jr.


Abstract

Detecting anomalies accurately is fundamental to rapid diagnosis and repair of problems. This paper proposes a novel anomaly detection system based on the comparison of real traffic with the DSNS (Digital Signature of Network Segment), generated by the BLGBA (Baseline for Automatic Backbone Management) model, within a hysteresis interval using the residual mean, and on the correlation of the detected deviations. Extensive experimental results on real network servers confirmed that our system is able to detect anomalies on the monitored devices while avoiding a high false alarm rate.


Metadata
Title
Anomaly Detection Aiming Pro-Active Management of Computer Network Based on Digital Signature of Network Segment
Written by
Bruno Bogaz Zarpelão
Leonardo de Souza Mendes
Mario Lemes Proença Jr.
Publication date
01.06.2007
Published in
Journal of Network and Systems Management / Issue 2/2007
Print ISSN: 1064-7570
Electronic ISSN: 1573-7705
DOI
https://doi.org/10.1007/s10922-007-9064-y
