Conference paper
Detecting security anomalies from internet traffic using the MA-RMSE algorithms
IEEE
7th IEEE International Conference on Industrial Informatics (INDIN 2009) (Cardiff, Wales, 23/06/2009–26/06/2009)
2009
Abstract
Many detection techniques against worms, denial of service attacks and botnets on the Internet have been developed. It is difficult to detect these threats if the malicious traffic has insufficient intensity, which is usually the case. To make the problem worse, legitimate Internet services behaving like worm and complexity network environments undermines the efficiency of the detection techniques. This paper proposes an entropy-based Internet threats detection approach that determines and reports the traffic complexity parameters when changes in the traffic complexity content may indicate a malicious network event. Based on the experiment, the proposed method is efficient and produces less false positive and false negative alarms with a faster detection time.
Details
- Title
- Detecting security anomalies from internet traffic using the MA-RMSE algorithms
- Authors/Creators
- B. Pinto (Author/Creator) - Response Biomedical (Canada)V. Khera (Author/Creator) - Nokia (Australia)C.C. Fung (Author/Creator) - Murdoch University
- Conference
- 7th IEEE International Conference on Industrial Informatics (INDIN 2009) (Cardiff, Wales, 23/06/2009–26/06/2009)
- Publisher
- IEEE
- Identifiers
- 991005543933007891
- Copyright
- © 2009 IEEE
- Murdoch Affiliation
- School of Information Technology
- Language
- English
- Resource Type
- Conference paper
- Note
- Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.
Metrics
423 File views/ downloads
109 Record Views