In the last few years, the number and impact of security attacks over the Internet have been continuously increasing. To face this issue, the use of Intrusion Detection Systems (IDSs) has emerged as a key element in network security. In this paper we address the problem considering a novel statistical technique for detecting network anomalies. Our approach is based on the use of different families of Markovian models, namely high order and non-homogeneous Markov chains, for modeling network traffic running over TCP. The performance results shown in the paper justify the proposed method and highlight the improvements over commonly used statistical techniques.

A New Statistical Method for Detecting Network Anomalies in TCP Traffic

CALLEGARI, CHRISTIAN;PAGANO, MICHELE
2010-01-01

Abstract

In the last few years, the number and impact of security attacks over the Internet have been continuously increasing. To face this issue, the use of Intrusion Detection Systems (IDSs) has emerged as a key element in network security. In this paper we address the problem considering a novel statistical technique for detecting network anomalies. Our approach is based on the use of different families of Markovian models, namely high order and non-homogeneous Markov chains, for modeling network traffic running over TCP. The performance results shown in the paper justify the proposed method and highlight the improvements over commonly used statistical techniques.
2010
Callegari, Christian; Vaton, S; Pagano, Michele
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11568/141659
 Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 14
  • ???jsp.display-item.citation.isi??? 11
social impact