Entropy Based Worm and Anomaly Detection in Fast IP Networks
WETICE '05 Proceedings of the 14th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprise
Internet traffic behavior profiling for network security monitoring
IEEE/ACM Transactions on Networking (TON)
Controlled Chaos [Internet Security]
IEEE Spectrum
Hi-index | 0.00 |
Attacks, such as port scans, DDoS and worms, threaten the functionality and reliability of IP networks. Early and accurate detection is crucial to mitigate their impact. We use the Method of Remaining Elements (MRE) to detect anomalies based on the characterization of traffic features through a proportional uncertainty measure. MRE has the functionality and performance to detect abnormal behavior and serve as the foundation for next generation network intrusion detection systems.