Spatial and Temporal Characterization of Network Traffic

The Method of Entropy Spaces is based on constructing a three-dimensional space of network traffic at packet flow level. Each point in that space is a three-dimensional entropy value of the clusters of flows observed during a time slot. The selection of features for point clouds data is performed us...

Full description

Saved in:
Bibliographic Details
Published in:International journal of technology, knowledge and society knowledge and society, 2018-01, Vol.14 (2), p.1
Main Authors: Pablo Velarde Alvarado, Rafael Martinez Pelaez, Mena-Camaré, Luis J, Ochoa Brust, Alberto M, Efrain Moreno Garcia, Jose De Jesus Ceballos Mejia, Iriarte-Solis, Adalberto
Format: Article
Language:English
Subjects:
Communications traffic
Density
Entropy
Genetic engineering
Information theory
Intrusion
Intrusion detection systems
Knowledge
Local area networks
Network security
Pattern recognition
Principal components analysis
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:The Method of Entropy Spaces is based on constructing a three-dimensional space of network traffic at packet flow level. Each point in that space is a three-dimensional entropy value of the clusters of flows observed during a time slot. The selection of features for point clouds data is performed using Pattern Recognition (PR) techniques such as Principal Component Analysis (PCA) and Kernel Density Estimation (KDE). The typical traffic of the network is a model formed by a Gaussian Mixture (GM) and a Generalized Extreme Distribution (GEV) that defines the behavior of the selected features. These models, when integrated into an Anomaly-Based Intrusion Detection System (A-NIDS) were effective in detecting actual attacks carried out in a Local Area Network (LAN).
ISSN:1832-3669
DOI:10.18848/1832-3669/CGP/v14i02/1-7