
A comprehensive model for revealing anomaly in network data flow

dc.contributor.author: Salem, Maher
dc.contributor.author: Buehler, Ulrich
dc.contributor.editor: Plödereder, E.
dc.contributor.editor: Grunske, L.
dc.contributor.editor: Schneider, E.
dc.contributor.editor: Ull, D.
dc.date.accessioned: 2017-07-26T10:58:27Z
dc.date.available: 2017-07-26T10:58:27Z
dc.date.issued: 2014
dc.description.abstract: Large computer and communication networks lead to the generation of massive data flows. The difficulty of analyzing and managing these data in network security degrades the online detection of intrusion and suspicious connections. To overcome this problem, we present a comprehensive model that handles the traffic of computer networks and uncovers intrusions in real time. The model consists of dataset generator and intrusion detector. The dataset generator captures, analyzes and manages the live traffic using a dynamic queuing concept. It continuously constructs connection vectors from the live traffic and exports them either as datasets or sequentially into a pipe for further processing. The intrusion detector is based on an enhanced growing hierarchical self organizing map which classifies exported vectors to normal, anomaly or unknown connections. The model has been evaluated using synthetic and realistic data sources. It is able to process data flows within significant time and classifies the connections in the online mode effectively. [en]
dc.identifier.isbn: 978-3-88579-626-8
dc.identifier.pissn: 1617-5468
dc.language.iso: en
dc.publisher: Gesellschaft für Informatik e.V.
dc.relation.ispartof: Informatik 2014
dc.relation.ispartofseries: Lecture Notes in Informatics (LNI) - Proceedings, Volume P-232
dc.title: A comprehensive model for revealing anomaly in network data flow [en]
dc.type: Text/Conference Paper
gi.citation.endPage: 924
gi.citation.publisherPlace: Bonn
gi.citation.startPage: 913
gi.conference.date: 22.-26. September 2014
gi.conference.location: Stuttgart
