Published in: Journal of Network and Systems Management 2/2007

01-06-2007

Anomaly Detection Aiming Pro-Active Management of Computer Network Based on Digital Signature of Network Segment

Authors: Bruno Bogaz Zarpelão, Leonardo de Souza Mendes, Mario Lemes Proença Jr.

Abstract

Detecting anomalies accurately is fundamental to rapid diagnosis and repair of problems. This paper proposes a novel anomaly detection system based on the comparison of real traffic and the DSNS (Digital Signature of Network Segment), generated by the BLGBA (Baseline for Automatic Backbone Management) model, within a hysteresis interval using the residual mean and on the correlation of the detected deviations. Extensive experimental results on real network servers confirmed that our system is able to detect anomalies on the monitored devices while avoiding a high false alarm rate.

Metadata

Title: Anomaly Detection Aiming Pro-Active Management of Computer Network Based on Digital Signature of Network Segment
Authors: Bruno Bogaz Zarpelão, Leonardo de Souza Mendes, Mario Lemes Proença Jr.
Publication date: 01-06-2007
Published in: Journal of Network and Systems Management, Issue 2/2007
Print ISSN: 1064-7570
Electronic ISSN: 1573-7705
DOI: https://doi.org/10.1007/s10922-007-9064-y