Statistical model applied to netflow for network intrusion detection

  • Authors:

  • André Proto;Leandro A. Alexandre;Maira L. Batista;Isabela L. Oliveira;Adriano M. Cansian

  • Affiliations:

  • Universidade Estadual Paulista, S. J. do Rio Preto, S. Paulo, Brazil and Departamento de Ciências de Computação e Estatística, ACME! Computer Security Research Lab.;Universidade Estadual Paulista, S. J. do Rio Preto, S. Paulo, Brazil and Departamento de Ciências de Computação e Estatística, ACME! Computer Security Research Lab.;Universidade Estadual Paulista, S. J. do Rio Preto, S. Paulo, Brazil and Departamento de Ciências de Computação e Estatística, ACME! Computer Security Research Lab.;Universidade Estadual Paulista, S. J. do Rio Preto, S. Paulo, Brazil and Departamento de Ciências de Computação e Estatística, ACME! Computer Security Research Lab.;Universidade Estadual Paulista, S. J. do Rio Preto, S. Paulo, Brazil and Departamento de Ciências de Computação e Estatística, ACME! Computer Security Research Lab.

  • Venue:
  • Transactions on computational science XI
  • Year:
  • 2010

Quantified Score

Hi-index 0.00

Visualization

Abstract

The computers and network services became presence guaranteed in several places. These characteristics resulted in the growth of illicit events and therefore the computers and networks security has become an essential point in any computing environment. Many methodologies were created to identify these events; however, with increasing of users and services on the Internet, many difficulties are found in trying to monitor a large network environment. This paper proposes a methodology for events detection in large-scale networks. The proposal approaches the anomaly detection using the NetFlow protocol, statistical methods and monitoring the environment in a best time for the application.