A critical review on the implementation of static data sampling techniques to detect network attacks
Author: | Christophe Guyeux, Dominique Ginhac, Abdallah Makhoul, Jacques Demerjian, Rayane El Sibai, Suzan Hajj, Jacques Bou Abdo |
---|---|
Contributors: | Université Bourgogne Franche-Comté [COMUE] (UBFC), Al Maaref University (MU), Franche-Comté Électronique Mécanique, Thermique et Optique - Sciences et Technologies (UMR 6174) (FEMTO-ST), Université de Technologie de Belfort-Montbeliard (UTBM)-Ecole Nationale Supérieure de Mécanique et des Microtechniques (ENSMM)-Université de Franche-Comté (UFC), Université Bourgogne Franche-Comté [COMUE] (UBFC)-Université Bourgogne Franche-Comté [COMUE] (UBFC)-Centre National de la Recherche Scientifique (CNRS) |
Language: | English |
Year of publication: | 2021 |
Subject: |
General Computer Science
Computer science; 020209 energy; Real-time computing; intrusion detection system (IDS); data streams; Context (language use); 02 engineering and technology; Intrusion detection system; [INFO.INFO-SE]Computer Science [cs]/Software Engineering [cs.SE]; Data sampling; [INFO.INFO-IU]Computer Science [cs]/Ubiquitous Computing; [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR]; statistical analysis; Sampling process; 0202 electrical engineering electronic engineering information engineering; General Materials Science; Static data; General Engineering; Volume (computing); Process (computing); Sampling (statistics); Internet traffic; [INFO.INFO-MO]Computer Science [cs]/Modeling and Simulation; TK1-9971; [INFO.INFO-MA]Computer Science [cs]/Multiagent Systems [cs.MA]; 020201 artificial intelligence & image processing; [INFO.INFO-ET]Computer Science [cs]/Emerging Technologies [cs.ET]; Electrical engineering. Electronics. Nuclear engineering; [INFO.INFO-DC]Computer Science [cs]/Distributed Parallel and Cluster Computing [cs.DC] |
Source: | IEEE Access; IEEE Access, IEEE, 2021, 9, pp.138903-138938; IEEE Access, Vol 9, Pp 138903-138938 (2021) |
ISSN: | 2169-3536 |
Description: | International audience; Given that the Internet traffic speed and volume are growing at a rapid pace, monitoring the network in a real-time manner has introduced several issues in terms of computing and storage capabilities. Fast processing of traffic data and early warnings on the detected attacks are required while maintaining a single pass over the traffic measurements. To palliate these problems, one can reduce the amount of traffic to be processed by using a sampling technique and detect the attacks based on the sampled traffic. Different parameters have an impact on the efficiency of this process, mainly, the applied sampling policy and sampling ratio. In this paper, we investigate the statistical impact of sampling the network traffic and we quantify the amount of deterioration that the sampling process introduces. In this context, an experimental comparison of existing sampling techniques is performed based on their impact on several well-known statistical measures. |
Database: | OpenAIRE |
External link: |