A Covariance Matrix Based Approach to Internet Anomaly Detection
Detecting multiple network attacks is essential to intrusion detection, network security defense and network traffic management. This paper presents a covariance matrix based detection approach to detecting multiple known and unknown network anomalies. It utilizes the difference of covariance matric...
Gespeichert in:
| Hauptverfasser: | , , , |
|---|---|
| Format: | Tagungsbericht |
| Sprache: | eng |
| Schlagworte: | |
| Online-Zugang: | Volltext |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| container_end_page | 700 |
|---|---|
| container_issue | |
| container_start_page | 691 |
| container_title | |
| container_volume | |
| creator | Jin, Shuyuan Yeung, Daniel So Wang, Xizhao Tsang, Eric C. C. |
| description | Detecting multiple network attacks is essential to intrusion detection, network security defense and network traffic management. This paper presents a covariance matrix based detection approach to detecting multiple known and unknown network anomalies. It utilizes the difference of covariance matrices among observed samples in the detection. A threshold matrix is employed in the detection where each entry of the matrix evaluates the covariance changes of the corresponding features. As case studies, extensive experiments are conducted to detect multiple DoS attacks – the prevalent Internet anomalies. The experimental results indicate that the proposed approach achieves high detection rates in detecting multiple known and unknown anomalies. |
| doi_str_mv | 10.1007/11739685_72 |
| format | Conference Proceeding |
| fullrecord | <record><control><sourceid>pascalfrancis_sprin</sourceid><recordid>TN_cdi_pascalfrancis_primary_19686508</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>19686508</sourcerecordid><originalsourceid>FETCH-LOGICAL-p219t-6d3b65fd5bae591d7a37cad25756c83ad0c01e547e66d556901836776ab068ff3</originalsourceid><addsrcrecordid>eNpNkDtPw0AQhI-XRAip-APXUFAY9ry-PV-HE16Rgmigttb2GQyJbd1ZiPx7jAIS00wxo9HoE-JMwaUCMFdKGbSU6tzEe2JmTYo6AUSdatoXE0VKRYiJPRAnf0FCh2ICCHFkTYLHYhbCO4xCRQB2Iq4zueg-2Tfclk4-8uCbLznn4CqZ9b3vuHyTQyeX7eB86waZtd2G11t54wZXDk3XnoqjmtfBzX59Kl7ubp8XD9Hq6X65yFZRHys7RFRhQbqudMFOW1UZRlNyFWujqUyRKyhBOZ0YR1RpTRZUimQMcQGU1jVOxflut-dQ8rr24-Em5L1vNuy3uRqxkIZ07F3semGM2lfn86LrPkKuIP9BmP9DiN_0o1x9</addsrcrecordid><sourcetype>Index Database</sourcetype><iscdi>true</iscdi><recordtype>conference_proceeding</recordtype></control><display><type>conference_proceeding</type><title>A Covariance Matrix Based Approach to Internet Anomaly Detection</title><source>Springer Books</source><creator>Jin, Shuyuan ; Yeung, Daniel So ; Wang, Xizhao ; Tsang, Eric C. C.</creator><contributor>Yan, Hong ; Yeung, Daniel S. ; Wang, Xi-Zhao ; Liu, Zhi-Qiang</contributor><creatorcontrib>Jin, Shuyuan ; Yeung, Daniel So ; Wang, Xizhao ; Tsang, Eric C. C. ; Yan, Hong ; Yeung, Daniel S. ; Wang, Xi-Zhao ; Liu, Zhi-Qiang</creatorcontrib><description>Detecting multiple network attacks is essential to intrusion detection, network security defense and network traffic management. This paper presents a covariance matrix based detection approach to detecting multiple known and unknown network anomalies. It utilizes the difference of covariance matrices among observed samples in the detection. A threshold matrix is employed in the detection where each entry of the matrix evaluates the covariance changes of the corresponding features. As case studies, extensive experiments are conducted to detect multiple DoS attacks – the prevalent Internet anomalies. The experimental results indicate that the proposed approach achieves high detection rates in detecting multiple known and unknown anomalies.</description><identifier>ISSN: 0302-9743</identifier><identifier>ISBN: 3540335846</identifier><identifier>ISBN: 9783540335849</identifier><identifier>EISSN: 1611-3349</identifier><identifier>EISBN: 9783540335856</identifier><identifier>EISBN: 3540335854</identifier><identifier>DOI: 10.1007/11739685_72</identifier><language>eng</language><publisher>Berlin, Heidelberg: Springer Berlin Heidelberg</publisher><subject>Anomaly Detection ; Applied sciences ; Artificial intelligence ; Computer science; control theory; systems ; Computer systems and distributed systems. User interface ; Covariance Matrix ; Exact sciences and technology ; False Alarm Rate ; Intrusion Detection ; Intrusion Detection System ; Memory and file management (including protection and security) ; Memory organisation. Data processing ; Software</subject><ispartof>Advances in Machine Learning and Cybernetics, 2006, p.691-700</ispartof><rights>Springer-Verlag Berlin Heidelberg 2006</rights><rights>2007 INIST-CNRS</rights><lds50>peer_reviewed</lds50><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktopdf>$$Uhttps://link.springer.com/content/pdf/10.1007/11739685_72$$EPDF$$P50$$Gspringer$$H</linktopdf><linktohtml>$$Uhttps://link.springer.com/10.1007/11739685_72$$EHTML$$P50$$Gspringer$$H</linktohtml><link.rule.ids>309,310,779,780,784,789,790,793,4050,4051,27925,38255,41442,42511</link.rule.ids><backlink>$$Uhttp://pascal-francis.inist.fr/vibad/index.php?action=getRecordDetail&idt=19686508$$DView record in Pascal Francis$$Hfree_for_read</backlink></links><search><contributor>Yan, Hong</contributor><contributor>Yeung, Daniel S.</contributor><contributor>Wang, Xi-Zhao</contributor><contributor>Liu, Zhi-Qiang</contributor><creatorcontrib>Jin, Shuyuan</creatorcontrib><creatorcontrib>Yeung, Daniel So</creatorcontrib><creatorcontrib>Wang, Xizhao</creatorcontrib><creatorcontrib>Tsang, Eric C. C.</creatorcontrib><title>A Covariance Matrix Based Approach to Internet Anomaly Detection</title><title>Advances in Machine Learning and Cybernetics</title><description>Detecting multiple network attacks is essential to intrusion detection, network security defense and network traffic management. This paper presents a covariance matrix based detection approach to detecting multiple known and unknown network anomalies. It utilizes the difference of covariance matrices among observed samples in the detection. A threshold matrix is employed in the detection where each entry of the matrix evaluates the covariance changes of the corresponding features. As case studies, extensive experiments are conducted to detect multiple DoS attacks – the prevalent Internet anomalies. The experimental results indicate that the proposed approach achieves high detection rates in detecting multiple known and unknown anomalies.</description><subject>Anomaly Detection</subject><subject>Applied sciences</subject><subject>Artificial intelligence</subject><subject>Computer science; control theory; systems</subject><subject>Computer systems and distributed systems. User interface</subject><subject>Covariance Matrix</subject><subject>Exact sciences and technology</subject><subject>False Alarm Rate</subject><subject>Intrusion Detection</subject><subject>Intrusion Detection System</subject><subject>Memory and file management (including protection and security)</subject><subject>Memory organisation. Data processing</subject><subject>Software</subject><issn>0302-9743</issn><issn>1611-3349</issn><isbn>3540335846</isbn><isbn>9783540335849</isbn><isbn>9783540335856</isbn><isbn>3540335854</isbn><fulltext>true</fulltext><rsrctype>conference_proceeding</rsrctype><creationdate>2006</creationdate><recordtype>conference_proceeding</recordtype><recordid>eNpNkDtPw0AQhI-XRAip-APXUFAY9ry-PV-HE16Rgmigttb2GQyJbd1ZiPx7jAIS00wxo9HoE-JMwaUCMFdKGbSU6tzEe2JmTYo6AUSdatoXE0VKRYiJPRAnf0FCh2ICCHFkTYLHYhbCO4xCRQB2Iq4zueg-2Tfclk4-8uCbLznn4CqZ9b3vuHyTQyeX7eB86waZtd2G11t54wZXDk3XnoqjmtfBzX59Kl7ubp8XD9Hq6X65yFZRHys7RFRhQbqudMFOW1UZRlNyFWujqUyRKyhBOZ0YR1RpTRZUimQMcQGU1jVOxflut-dQ8rr24-Em5L1vNuy3uRqxkIZ07F3semGM2lfn86LrPkKuIP9BmP9DiN_0o1x9</recordid><startdate>2006</startdate><enddate>2006</enddate><creator>Jin, Shuyuan</creator><creator>Yeung, Daniel So</creator><creator>Wang, Xizhao</creator><creator>Tsang, Eric C. C.</creator><general>Springer Berlin Heidelberg</general><general>Springer</general><scope>IQODW</scope></search><sort><creationdate>2006</creationdate><title>A Covariance Matrix Based Approach to Internet Anomaly Detection</title><author>Jin, Shuyuan ; Yeung, Daniel So ; Wang, Xizhao ; Tsang, Eric C. C.</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-p219t-6d3b65fd5bae591d7a37cad25756c83ad0c01e547e66d556901836776ab068ff3</frbrgroupid><rsrctype>conference_proceedings</rsrctype><prefilter>conference_proceedings</prefilter><language>eng</language><creationdate>2006</creationdate><topic>Anomaly Detection</topic><topic>Applied sciences</topic><topic>Artificial intelligence</topic><topic>Computer science; control theory; systems</topic><topic>Computer systems and distributed systems. User interface</topic><topic>Covariance Matrix</topic><topic>Exact sciences and technology</topic><topic>False Alarm Rate</topic><topic>Intrusion Detection</topic><topic>Intrusion Detection System</topic><topic>Memory and file management (including protection and security)</topic><topic>Memory organisation. Data processing</topic><topic>Software</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Jin, Shuyuan</creatorcontrib><creatorcontrib>Yeung, Daniel So</creatorcontrib><creatorcontrib>Wang, Xizhao</creatorcontrib><creatorcontrib>Tsang, Eric C. C.</creatorcontrib><collection>Pascal-Francis</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Jin, Shuyuan</au><au>Yeung, Daniel So</au><au>Wang, Xizhao</au><au>Tsang, Eric C. C.</au><au>Yan, Hong</au><au>Yeung, Daniel S.</au><au>Wang, Xi-Zhao</au><au>Liu, Zhi-Qiang</au><format>book</format><genre>proceeding</genre><ristype>CONF</ristype><atitle>A Covariance Matrix Based Approach to Internet Anomaly Detection</atitle><btitle>Advances in Machine Learning and Cybernetics</btitle><date>2006</date><risdate>2006</risdate><spage>691</spage><epage>700</epage><pages>691-700</pages><issn>0302-9743</issn><eissn>1611-3349</eissn><isbn>3540335846</isbn><isbn>9783540335849</isbn><eisbn>9783540335856</eisbn><eisbn>3540335854</eisbn><abstract>Detecting multiple network attacks is essential to intrusion detection, network security defense and network traffic management. This paper presents a covariance matrix based detection approach to detecting multiple known and unknown network anomalies. It utilizes the difference of covariance matrices among observed samples in the detection. A threshold matrix is employed in the detection where each entry of the matrix evaluates the covariance changes of the corresponding features. As case studies, extensive experiments are conducted to detect multiple DoS attacks – the prevalent Internet anomalies. The experimental results indicate that the proposed approach achieves high detection rates in detecting multiple known and unknown anomalies.</abstract><cop>Berlin, Heidelberg</cop><pub>Springer Berlin Heidelberg</pub><doi>10.1007/11739685_72</doi><tpages>10</tpages></addata></record> |
| fulltext | fulltext |
| identifier | ISSN: 0302-9743 |
| ispartof | Advances in Machine Learning and Cybernetics, 2006, p.691-700 |
| issn | 0302-9743 1611-3349 |
| language | eng |
| recordid | cdi_pascalfrancis_primary_19686508 |
| source | Springer Books |
| subjects | Anomaly Detection Applied sciences Artificial intelligence Computer science control theory systems Computer systems and distributed systems. User interface Covariance Matrix Exact sciences and technology False Alarm Rate Intrusion Detection Intrusion Detection System Memory and file management (including protection and security) Memory organisation. Data processing Software |
| title | A Covariance Matrix Based Approach to Internet Anomaly Detection |
| url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-26T05%3A50%3A24IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-pascalfrancis_sprin&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=proceeding&rft.atitle=A%20Covariance%20Matrix%20Based%20Approach%20to%20Internet%20Anomaly%20Detection&rft.btitle=Advances%20in%20Machine%20Learning%20and%20Cybernetics&rft.au=Jin,%20Shuyuan&rft.date=2006&rft.spage=691&rft.epage=700&rft.pages=691-700&rft.issn=0302-9743&rft.eissn=1611-3349&rft.isbn=3540335846&rft.isbn_list=9783540335849&rft_id=info:doi/10.1007/11739685_72&rft_dat=%3Cpascalfrancis_sprin%3E19686508%3C/pascalfrancis_sprin%3E%3Curl%3E%3C/url%3E&rft.eisbn=9783540335856&rft.eisbn_list=3540335854&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true |