Network Traffic Analysis & Anomaly Detection based on Benford’s Law, Ph.D. Dissertation, Sharif University of Technology; Jahangir, Amir Hossein (Supervisor)
Abstract
This project aims to propose a simple model for traffic analysis that eventually leads to an online classifier for network traffic anomaly detection. In this research, we show empirically that despite the variety of data networks in size, number of users, applications, and load, the inter-arrival times of normal TCP flows comply with the Weibull distribution, whereas specific irregularities (anomalies) cause deviations from the distribution. Consequently, any type of anomaly affecting TCP flows, including intentional intrusions or unintended faults and network failures in general, can be detected by analyzing the discrepancy of TCP flow inter-arrival times...