Uncovering anomaly traffic based on loss of self-similarity behavior using second order statistical model
Malicious traffic such as Denial of Service (DoS) attack has potential to introduce distribution error and perturbs the self-similarity property of network traffic. As a result, loss of self-similarity (LoSS) is detected which indicates poor Quality of Service (QoS) performance. In order to fulfill...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Published: |
International Journal of Computer Science and Network Security
2007
|
| Subjects: | |
| Online Access: | http://eprints.utm.my/5602/ http://paper.ijcsns.org/07_book/200709/20070917.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1845471421516480512 |
|---|---|
| author | Rohani, M. F. Maarof, M. A. Selamat, A. Kettani, H. |
| author_facet | Rohani, M. F. Maarof, M. A. Selamat, A. Kettani, H. |
| author_sort | Rohani, M. F. |
| building | UTM Library |
| collection | Institutional Repository |
| content_provider | Universiti Teknologi Malaysia |
| content_source | UTM Institutional Repository |
| continent | Asia |
| country | Malaysia |
| description | Malicious traffic such as Denial of Service (DoS) attack has potential to introduce distribution error and perturbs the self-similarity property of network traffic. As a result, loss of self-similarity (LoSS) is detected which indicates poor Quality of Service (QoS) performance. In order to fulfill the demand for high speed and detection accuracy, this paper proposes LoSS detection method with second order self-similarity statistical (SOSS) model and estimates the self-similarity parameter using the optimization method (OM). We investigate the behavior of self-similarity property for normal and abnormal traffic traces with different sampling levels. We test our approach using synthetic and real traffic simulation datasets. The results demonstrate that the proposed method has successfully exposed the abnormality of Internet traffic behavior. However, the experimental results show that fixed sampling level is not sufficient to reveal the self-similarity distribution error accurately. Accordingly, we introduce a new set of multi-level sampling parameters and propose a new LoSS detection method with multi-level sampling approach in order to improve the detection accuracy. |
| format | Article |
| id | my.utm.eprints-5602 |
| institution | Universiti Teknologi Malaysia |
| publishDate | 2007 |
| publisher | International Journal of Computer Science and Network Security |
| record_format | eprints |
| spelling | my.utm.eprints-56022012-11-05T07:41:42Z http://eprints.utm.my/5602/ Uncovering anomaly traffic based on loss of self-similarity behavior using second order statistical model Rohani, M. F. Maarof, M. A. Selamat, A. Kettani, H. QA75 Electronic computers. Computer science Malicious traffic such as Denial of Service (DoS) attack has potential to introduce distribution error and perturbs the self-similarity property of network traffic. As a result, loss of self-similarity (LoSS) is detected which indicates poor Quality of Service (QoS) performance. In order to fulfill the demand for high speed and detection accuracy, this paper proposes LoSS detection method with second order self-similarity statistical (SOSS) model and estimates the self-similarity parameter using the optimization method (OM). We investigate the behavior of self-similarity property for normal and abnormal traffic traces with different sampling levels. We test our approach using synthetic and real traffic simulation datasets. The results demonstrate that the proposed method has successfully exposed the abnormality of Internet traffic behavior. However, the experimental results show that fixed sampling level is not sufficient to reveal the self-similarity distribution error accurately. Accordingly, we introduce a new set of multi-level sampling parameters and propose a new LoSS detection method with multi-level sampling approach in order to improve the detection accuracy. International Journal of Computer Science and Network Security 2007-09 Article PeerReviewed Rohani, M. F. and Maarof, M. A. and Selamat, A. and Kettani, H. (2007) Uncovering anomaly traffic based on loss of self-similarity behavior using second order statistical model. International Journal of Computer Science and Network Security, 7 (9). pp. 116-122. ISSN 1738-7906 http://paper.ijcsns.org/07_book/200709/20070917.pdf |
| spellingShingle | QA75 Electronic computers. Computer science Rohani, M. F. Maarof, M. A. Selamat, A. Kettani, H. Uncovering anomaly traffic based on loss of self-similarity behavior using second order statistical model |
| title | Uncovering anomaly traffic based on loss of self-similarity behavior using second order statistical model |
| title_full | Uncovering anomaly traffic based on loss of self-similarity behavior using second order statistical model |
| title_fullStr | Uncovering anomaly traffic based on loss of self-similarity behavior using second order statistical model |
| title_full_unstemmed | Uncovering anomaly traffic based on loss of self-similarity behavior using second order statistical model |
| title_short | Uncovering anomaly traffic based on loss of self-similarity behavior using second order statistical model |
| title_sort | uncovering anomaly traffic based on loss of self-similarity behavior using second order statistical model |
| topic | QA75 Electronic computers. Computer science |
| url | http://eprints.utm.my/5602/ http://paper.ijcsns.org/07_book/200709/20070917.pdf |
| url_provider | http://eprints.utm.my/ |