Paper Info
Title
Analysis of the Impact of Intensive Attacks on the Self-Similarity Degree of the Network Traffic
Abstract
The research on how to use self-similarity for intrusion detection is not unfounded, as the scaling properties seem to partially define the very nature of aggregated traffic, and may become a potential differentiating factor in the presence of an anomaly. This paper explains how network intensive attacks can be injected into simulated traces of traffic, to then evolve to their analysis using a fast windowed version of the Variance Time (VT) estimator, optimized for the purpose of estimating the self-similarity degree in a point-by-point manner. The estimator is also applied to a trace of the well known Massachusetts Institute of Technology / Defense Advanced Research Projects Agency (MIT/DARPA) data set, leading to the conclusion that, during an attack, the insertion of a constant component may induce a significant increase of the local scope self-similarity degree, which may be used to suspect of the malicious activities and trigger further monitoring mechanisms.
Year
DOI
Venue
2008
10.1109/SECURWARE.2008.28
SECURWARE
Keywords
Field
DocType
computer networks,estimation theory,security of data,telecommunication security,telecommunication traffic,intrusion detection,network intensive attack,network traffic,self-similarity degree,variance time estimator
Computer science,Computer security,Telecommunication security,Bandwidth (signal processing),Suspect,Estimation theory,Intrusion detection system,Estimator
Conference
Citations 
PageRank 
References 
1
0.35
5
Authors
4
Name
Order
Citations
PageRank
Pedro R. M. Inácio117212.35
MÁRIO M. FREIRE243243.94
Manuela Pereira36611.57
Paulo P. Monteiro415629.69