A new network anomaly detection technique based on per-flow and per-service statistics

Yuji Waizumi, Daisuke Kudo, Nei Kato, Yoshiaki Nemoto

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

In the present network security management, improvements in the performances of Intrusion Detection Systems(IDSs) are strongly desired. In this paper, we propose a network anomaly detection technique which can learn a state of network traffic based on per-flow and per-service statistics. These statistics consist of service request frequency, characteristics of a flow and code histogram of payloads. In this technique, we achieve an effective definition of the network state by observing the network traffic according to service. Moreover, we conduct a set of experiments to evaluate the performance of the proposed scheme and compare with those of other techniques.

Original languageEnglish
Title of host publicationComputational Intelligence and Security - International Conference, CIS 2005, Proceedings
Pages252-259
Number of pages8
DOIs
Publication statusPublished - 2005
EventInternational Conference on Computational Intelligence and Security, CIS 2005 - Xi'an, China
Duration: 2005 Dec 152005 Dec 19

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume3802 LNAI
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

OtherInternational Conference on Computational Intelligence and Security, CIS 2005
CountryChina
CityXi'an
Period05/12/1505/12/19

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)

Fingerprint Dive into the research topics of 'A new network anomaly detection technique based on per-flow and per-service statistics'. Together they form a unique fingerprint.

Cite this