Universiti Teknologi Malaysia Institutional Repository

Uncovering anomaly traffic based on loss of self-similarity behavior using second order statistical model

Rohani, M. F. and Maarof, M. A. and Selamat, A. and Kettani, H. (2007) Uncovering anomaly traffic based on loss of self-similarity behavior using second order statistical model. International Journal of Computer Science and Network Security, 7 (9). pp. 116-122. ISSN 1738-7906

Full text not available from this repository.

Official URL: http://paper.ijcsns.org/07_book/200709/20070917.pd...

Abstract

Malicious traffic such as Denial of Service (DoS) attack has potential to introduce distribution error and perturbs the self-similarity property of network traffic. As a result, loss of self-similarity (LoSS) is detected which indicates poor Quality of Service (QoS) performance. In order to fulfill the demand for high speed and detection accuracy, this paper proposes LoSS detection method with second order self-similarity statistical (SOSS) model and estimates the self-similarity parameter using the optimization method (OM). We investigate the behavior of self-similarity property for normal and abnormal traffic traces with different sampling levels. We test our approach using synthetic and real traffic simulation datasets. The results demonstrate that the proposed method has successfully exposed the abnormality of Internet traffic behavior. However, the experimental results show that fixed sampling level is not sufficient to reveal the self-similarity distribution error accurately. Accordingly, we introduce a new set of multi-level sampling parameters and propose a new LoSS detection method with multi-level sampling approach in order to improve the detection accuracy.

Item Type:Article
Additional Information:Open access journal
Uncontrolled Keywords:Anomaly Detection, Loss of Self-Similarity, Second Order Self-Similarity model, Multi-Level Sampling
Subjects:Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Divisions:Computer Science and Information System (Formerly known)
ID Code:5602
Deposited By: PM Mazleena Salleh
Deposited On:28 May 2008 00:33
Last Modified:05 Nov 2012 07:41

Repository Staff Only: item control page