Published Papers Search Service

Title | Risk Leveling of Network Traffic Anomalies
Author | Charlie Isaksson, Yu Meng, Margaret H. Dunham
Citation | Vol. 6 No. 6 pp. 258-265
Abstract | The goal of intrusion detection is to identify attempted or ongoing attacks on a computer system or network. Many attacks aim to compromise computer networks in an online manner. Traffic anomalies have been an important indication of such attacks. The challenges of detection lie in modeling large continuous streams of data and performing anomaly detection in an online manner. This paper presents a data mining technique to assess the risks of local anomalies based on synopsis obtained from a global spatiotemporal modeling approach. The proposed model is proactive in the detection of various types of traffic-related attacks such as distributed denial of service (DDoS). It is incremental, scalable and thus suitable for online processing. Algorithm analysis shows the time efficiency of the proposed technique. The experiments conducted with a DARPA dataset demonstrate that compared with a frequency-based anomaly detection model, the false alarm rate caused by the proposed model is significantly mitigated without losing a high detection rate.
Keywords | data mining, risk leveling, intrusion detection, anomaly, data stream
URL | http://paper.ijcsns.org/07_book/200606/200606C19.pdf