Detecting anomalies in network traffic using the method of remaining elements

Authors:
P. Velarde-Alvarado;C. Vargas-Rosales;D. Torres-Roman;A. Martinez-Herrera
Affiliations:
Autonomous University of Nayarit;Center for Electronics and Telecommunications, ITESM, Monterrey, NL, Mexico;CINVESTAV Guadalajara, Mexico;Center for Electronics and Telecommunications, ITESM, Monterrey, NL, Mexico
Venue:
IEEE Communications Letters
Year:
2009

Citing 3
Cited 0

Entropy Based Worm and Anomaly Detection in Fast IP Networks

WETICE '05 Proceedings of the 14th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprise
Internet traffic behavior profiling for network security monitoring

IEEE/ACM Transactions on Networking (TON)
Controlled Chaos [Internet Security]

IEEE Spectrum

Quantified Score

Hi-index	0.00

Visualization

Abstract

Attacks, such as port scans, DDoS and worms, threaten the functionality and reliability of IP networks. Early and accurate detection is crucial to mitigate their impact. We use the Method of Remaining Elements (MRE) to detect anomalies based on the characterization of traffic features through a proportional uncertainty measure. MRE has the functionality and performance to detect abnormal behavior and serve as the foundation for next generation network intrusion detection systems.