Statistical network anomaly detection: An experimental study
Callegari et al., 2016
- Document ID
- 14376821208892283443
- Author
- Callegari C
- Giordano S
- Pagano M
- Publication year
- Publication venue
- International conference on future network systems and security
Snippet
The number and impact of attacks over the Internet have been continuously increasing in the last years, pushing the focus of many research activities into the development of effective techniques to promptly detect and identify anomalies in the network traffic. In this paper, we …
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing packet switching networks
- H04L43/02—Arrangements for monitoring or testing packet switching networks involving a reduction of monitoring data
- H04L43/026—Arrangements for monitoring or testing packet switching networks involving a reduction of monitoring data using flow generation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/02—Details
- H04L12/26—Monitoring arrangements; Testing arrangements
- H04L12/2602—Monitoring arrangements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
- H04L63/0218—Distributed architectures, e.g. distributed firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing packet switching networks
- H04L43/16—Arrangements for monitoring or testing packet switching networks using threshold monitoring
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/30—Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance or administration or management of packet switching networks
- H04L41/12—Arrangements for maintenance or administration or management of packet switching networks network topology discovery or management
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Ring et al. | | Detection of slow port scans in flow-based network traffic |
US9094288B1 (en) | | Automated discovery, attribution, analysis, and risk assessment of security threats |
Moustafa et al. | | Anomaly detection system using beta mixture models and outlier detection |
Thottan et al. | | Anomaly detection approaches for communication networks |
US8682812B1 (en) | | Machine learning based botnet detection using real-time extracted traffic features |
Pascoal et al. | | Robust feature selection and robust PCA for internet traffic anomaly detection |
Komisarek et al. | | Machine Learning Based Approach to Anomaly and Cyberattack Detection in Streamed Network Traffic Data. |
EP4111660B1 (en) | | Cyberattack identification in a network environment |
WO2010114363A1 (en) | | Method and system for alert classification in a computer network |
Letteri et al. | | MTA-KDD'19: A Dataset for Malware Traffic Detection. |
Callegari et al. | | Entropy-based network anomaly detection |
Shukla et al. | | Entropy-based anomaly detection in a network |
Patil et al. | | KS-DDoS: Kafka streams-based classification approach for DDoS attacks |
Fortunati et al. | | An improvement of the state-of-the-art covariance-based methods for statistical anomaly detection algorithms |
Sharma et al. | | An overview of flow-based anomaly detection |
Callegari et al. | | Statistical network anomaly detection: An experimental study |
Bajtoš et al. | | Multi-stage cyber-attacks detection in the industrial control systems |
Kozik et al. | | Pattern extraction algorithm for NetFlow‐based botnet activities detection |
Shahrestani et al. | | Architecture for applying data mining and visualization on network flow for botnet traffic detection |
Rathore et al. | | Intrusion detection using decision tree model in high-speed environment |
Callegari et al. | | Detecting anomalies in backbone network traffic: a performance comparison among several change detection methods |
Callegari et al. | | A novel bivariate entropy-based network anomaly detection system |
Saunders et al. | | Deep Graph Learning for DDoS Detection and Multi-Class Classification IDS |
Callegari et al. | | On the combined use of sketches and CUSUM for Anomaly Detection |
Callegari et al. | | Impact of Histogram Construction Techniques on Information-Theoretic Anomaly Detection |