The diffusion of technologies for high speed data transmission over the Internet and the growing employment of new multimedia services require fast and effective techniques for the protection against network attacks. In this paper we present a new approach able to detect at the same time different types of network anomalies. It consists in the simultaneous analysis of several traffic descriptors (aggregated through a sketch to guarantee the scalability of the algorithm) by means of a single vectorial algorithm. In terms of ROC curve, the performance of our multidimensional Intrusion Detection System (IDS) are comparable with the separate application of traditional monodimensional IDSs to all traffic parameters, while reducing the computational time of more than 80%
Sketch-based Multidimensional IDS: a New Approach for Network Anomaly Detection
CALLEGARI, CHRISTIAN;GIORDANO, STEFANO;PAGANO, MICHELE;
2013-01-01
Abstract
The diffusion of technologies for high speed data transmission over the Internet and the growing employment of new multimedia services require fast and effective techniques for the protection against network attacks. In this paper we present a new approach able to detect at the same time different types of network anomalies. It consists in the simultaneous analysis of several traffic descriptors (aggregated through a sketch to guarantee the scalability of the algorithm) by means of a single vectorial algorithm. In terms of ROC curve, the performance of our multidimensional Intrusion Detection System (IDS) are comparable with the separate application of traditional monodimensional IDSs to all traffic parameters, while reducing the computational time of more than 80%I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
