
Authors: Christian Callegari 1 ; Michele Pagano 2 ; Stefano Giordano 2 and Fabrizio Berizzi 1

Affiliations: 1 RaSS National Laboratory – CNIT and University of Pisa, Italy ; 2 University of Pisa, Italy

ISBN: 978-989-758-196-0

Keyword(s): Anomaly Detection, Histogram, Euclidean Distance, Kullback–Leibler Divergence, Jensen–Shannon Divergence.

Abstract: The ability to capture unknown attacks is an attractive feature of anomaly-based intrusion detection, and it is not surprising that research on this topic represents one of the most promising directions in the field of network security. In this work we consider two different traffic descriptors and evaluate their ability to capture different kinds of anomalies, taking into account three different measures of similarity in order to discriminate between normal network behaviour and the presence of anomalies. An extensive performance analysis, carried out over the publicly available MAWILab dataset, has highlighted that a proper choice of the relevant traffic descriptor and the similarity measure can be particularly efficient in the case of unknown attacks, i.e. those attacks that cannot be detected by standard misuse-based systems.

Paper citation in several formats:
Callegari C., Pagano M., Giordano S. and Berizzi F. (2016). A Novel Histogram-based Network Anomaly Detection. In Proceedings of the 13th International Joint Conference on e-Business and Telecommunications - Volume 4: DCCI, (ICETE 2016) ISBN 978-989-758-196-0, pages 103-110. DOI: 10.5220/0006013401030110

@conference{dcci16,
author={Christian Callegari and Michele Pagano and Stefano Giordano and Fabrizio Berizzi},
title={A Novel Histogram-based Network Anomaly Detection},
booktitle={Proceedings of the 13th International Joint Conference on e-Business and Telecommunications - Volume 4: DCCI, (ICETE 2016)},
year={2016},
pages={103-110},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006013401030110},
isbn={978-989-758-196-0},
}

TY - CONF

JO - Proceedings of the 13th International Joint Conference on e-Business and Telecommunications - Volume 4: DCCI, (ICETE 2016)
TI - A Novel Histogram-based Network Anomaly Detection
SN - 978-989-758-196-0
AU - Callegari C.
AU - Pagano M.
AU - Giordano S.
AU - Berizzi F.
PY - 2016
SP - 103
EP - 110
DO - 10.5220/0006013401030110
