Detecting security anomalies from internet traffic using the MA-RMSE algorithms
Author: | Breno Silva Pinto, Chun Che Fung, Varin Khera |
---|---|
Year of publication: | 2009 |
Subject: | Mean squared error; Computer science; ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS; Botnet; Denial-of-service attack; Internet traffic; Internet traffic engineering; Internet security; Computer security; The Internet; Web threat; Computer network |
Source: | Murdoch University EPrints |
DOI: | 10.1109/indin.2009.5195920 |
Description: | Many detection techniques against worms, denial of service attacks and botnets on the Internet have been developed. It is difficult to detect these threats if the malicious traffic has insufficient intensity, which is usually the case. To make the problem worse, legitimate Internet services behaving like worms and complex network environments undermine the efficiency of the detection techniques. This paper proposes an entropy-based Internet threat detection approach that determines and reports the traffic complexity parameters when changes in the traffic complexity content may indicate a malicious network event. Based on the experiment, the proposed method is efficient and produces fewer false positive and false negative alarms with a faster detection time. |
Database: | OpenAIRE |