Attack Detection based on Statistical Discriminators

Attacks represent a serious threat to a network environment, and therefore need to be promptly detected. New attack types, of which detection systems may not even be aware, are the most difficult to detect. Currently, the available methods are mainly based on signature or learning algorithms and gen...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: do Carmo, M.F.F., Holanda, R., Maia, J.E.B., de Sousa, J.N.
Format: Tagungsbericht
Sprache:eng
Schlagworte:
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Attacks represent a serious threat to a network environment, and therefore need to be promptly detected. New attack types, of which detection systems may not even be aware, are the most difficult to detect. Currently, the available methods are mainly based on signature or learning algorithms and generally can not detect these new attacks. The approach presented here uses a small number of statistical discriminators and cluster analysis to detect attacks, obtaining results which are better than the results found in previous papers. Cluster analysis is a not supervised technique and, therefore, it is able to detect new attacks. We performed an empirical test using real traces.
ISSN:2150-3281
DOI:10.1109/GIIS.2007.4404186