原文传递
Use of Packet Header Anomaly Detection in Lossy Network Traffic Compression for Network Intrusion Detection Applications.
| 题名: | Use of Packet Header Anomaly Detection in Lossy Network Traffic Compression for Network Intrusion Detection Applications. |
| 作者: | Smith, S. C.; Hammell , R. I. J. |
| 关键词: | Algorithms, Packet loss, Anomaly detection, Intrusion detection, Change detection, Compression, Intrusion detection systems, Computer programs, Compressors, Data mining, Compression ratio, Entropy, Central processing units, Lossy compression, Lossless compression, Network intrusion detection, Software, Snort, Tcpreplay, Tcpdump, Libpcap, Distributed network intrusion detection systems, Central analysis system |
| 摘要: | This report describes efforts to employ a packet header anomaly detection algorithm to measure how unusual each packet is. A compression tool is written that compares this measure against a threshold, keeping only that traffic that is more unusual than the threshold. The Snort network intrusion detection tool is run against the data set to establish a baseline of alerts. It is then run against the compressed data set to discover how many alerts were lost or the alert loss rate. The threshold is lowered and the experiment repeated several times. The size of the data expressed as a percentage of the original size and the alert lost rate are plotted against these thresholds to show the threshold that provides the best compression with the acceptable alert loss. |
| 报告类型: | 科技报告 |
相关文献
- Cyber Data Anomaly Detection Using Autoencoder Neural Networks.
- Optimization of Convolutional Neural Networks for Enhanced Compression Techniques and Computer Vision Applications.
- Methods to Address Extreme Class Imbalance in Machine Learning Based Network Intrusion Detection Systems.
- Characterization of Extremely Lightweight Intrusion Detection (ELIDe) Power Utilization by Varying N-gram and Hash Length. Final Report April-September 2014.
- Generative Methods and Meta Learning for Cybersecurity.
- Critical Energy Infrastructure Cyber Defense-in-Depth.
检索历史
应用推荐
