Statistical Traffic Modeling for Network Intrusion Detection
MASCOTS '00 Proceedings of the 8th International Symposium on Modeling, Analysis and Simulation of Computer and Telecommunication Systems
Fundamental design issues for the future Internet
IEEE Journal on Selected Areas in Communications
Hi-index | 0.00 |
Real-Time intrusion detection system (IDS) based on traffic analysis is one of the highlighted topics of network security researches. Restricted by computer resources, real-time IDS is computationally infeasible to deal with gigantic operations of data storage and analyzing in real world. As a result, the sampling measurement technique in a high-speed network becomes an important issue in this topic. Sampling distance analysis of gigantic data mining for IDS is shown in this paper. Based on differential equation theory, a quantitative analysis of the effect of IDS on the network traffic is given firstly. Secondly, a minimum delay time of IDS needed to detect some kinds of intrusions is analyzed. Finally, an upper bound of the sampling distance is discussed. Proofs are given to show the efficiency of our approach.