Advanced search
Publication Cover
International Journal of Parallel, Emergent and Distributed Systems Volume 30, 2015 - Issue 6: Smart Communications in Network Technologies
Submit an article Journal homepage
97
Views
3
CrossRef citations to date
0
Altmetric
Smart Communications in Network Technologies

Proposal of a new information theory-based technique based on traffic anomaly detection analysis

Antonio Cuadra-SanchezTelematic Engineering Department, Universidad Autónoma de Madrid, Madrid, Spain;Telecom Market, Indra Sistemas, S.A., Valladolid, SpainCorrespondence[email protected]
,
Javier AracilTelematic Engineering Department, Universidad Autónoma de Madrid, Madrid, Spain
&
Javier Ramos de SantiagoTelematic Engineering Department, Universidad Autónoma de Madrid, Madrid, Spain
Pages 464-477 | Received 25 Sep 2014, Accepted 20 Apr 2015, Published online: 25 Jun 2015

References

  • F. Amiri, M. Rezaei Yousefi, C. Lucas, A. Shakery, and N. Yazdani, Mutual information-based feature selection for intrusion detection systems, J. Netw. Comput. Appl. 34 (2011), pp. 1184–1199. doi:10.1016/j.jnca.2011.01.002.
  • M. Basseville, and I.V. Nikiforov, Detection of Abrupt Changes: Theory and Application, 104, Prentice Hall, Englewood Cliffs, NJ, 1993.
  • C. Bell et al., Mutual information and maximal correlation as measures of dependence, Ann. Math. Stat. 33 (1962), pp. 587–595. doi:10.1214/aoms/1177704583.
  • M.L. Bulunga, Change-point detection in dynamical systems using auto-associative neural networks, Doctoral diss., Stellenbosch University, 2012, pp. 95–98.
  • C. Callegari, S. Giordano, M. Pagano, and T. Pepe, Wavecusum: Improving cusum performance in network anomaly detection by means of wavelet analysis, Comput. Secur. 31 (2012), pp. 727–735. doi:10.1016/j.cose.2012.05.001.
  • A.M.M. Carvalho, Controle estatstico de processos de predio de trfego de redes de computadores [Statistical traffic control processes of computer networks], Master's thesis, University of Uberlndia, 2012.
  • H. Chernoff, E. Lehmann et al., The use of maximum likelihood estimates in χ2 tests for goodness of fit, Ann. Math. Stat. 25 (1954), pp. 579–586. doi:10.1214/aoms/1177728726.
  • D.R. Cox, Prediction by exponentially weighted moving averages and related methods, J. R. Stat. Soc. 23 (1961), pp. 414–422.
  • C. Croarkin, and W. Guthrie, NIST/SEMATECH e-Handbook of Statistical Methods, National Institute of Standards and Technology (NIST), 2012.
  • T. Drugman, Using mutual information in supervised temporal event detection: Application to cough detection, Biomed. Signal Process. Control 10 (2014), pp. 50–57. doi:10.1016/j.bspc.2014.01.001.
  • S. Ehlert, D. Geneiatakis, and T. Magedanz, Survey of network security systems to counter sip-based denial-of-service attacks, Comput. Secur. 29 (2010), pp. 225–243. doi:10.1016/j.cose.2009.09.004.
  • J.J. Higgins, Introduction to Modern Nonparametric Statistics, Duxbury Press, California, 2003.
  • A. Maria, R. Matias, A. Macedo, P.R.M. Maciel, and L.B. Araujo, Performance analysis of control charts techniques applied to ip traffic forecasts, IEEE 12th International Conference on Parallel and Distributed Computing, Applications and Technologies (PDCAT), Gwangju, 2011, pp. 109–115.
  • D.C. Marinescu, and G.M. Marinescu, Classical and Quantum Information, Academic Press, Burlington, 2012.
  • F. Mata, P. Żuraniewski, M. Mandjes, and M. Mellia, Anomaly detection in diurnal data, Comput. Netw. 60 (2014), pp. 187–200. doi:10.1016/j.bjp.2013.11.011.
  • R. Matias, A.M. Carvalho, L.B. Araujo, and P.R.M. Maciel, Comparison analysis of statistical control charts for quality monitoring of network traffic forecasts, IEEE International Conference on Systems, Man, and Cybernetics (SMC) 2011, Anchorage, AK, USA, pp. 404–409.
  • D. Montgomery, Introduction to Statistical Quality Control, Wiley, New York, 2004.
  • R. Oprea, and A. Emile, Traffic Anomaly Detection Using a Distributed Measurement Network, University of Amsterdam, Amsterdam, 2013, pp. 25–27.
  • E.S. Page, Continuous inspection schemes, Biometrika 41 (1954), pp. 100–115. doi:10.1093/biomet/41.1-2.100.
  • K. Pearson, X. On the criterion that a given system of deviations from the probable in the case of a correlated system of variables is such that it can be reasonably supposed to have arisen from random sampling, London Edinburgh Dublin Philos. Mag. J. Sci. 50 (1900), pp. 157–175. doi:10.1080/14786440009463897.
  • T. Peng, C. Leckie, and K. Ramamohanarao, Survey of network-based defense mechanisms countering the dos and ddos problems, ACM Comp. Surv. 39 (2007), p. 3. doi:10.1145/1216370.1216373.
  • A.N. Pettitt, and M.A. Stephens, The Kolmogorov–Smirnov goodness-of-fit statistic with discrete and grouped data, Technometrics 19 (1977), pp. 205–210. doi:10.1080/00401706.1977.10489529.
  • K. Shah, E. Jonckheere, and S. Bohacek, Dynamic modeling of internet traffic for intrusion detection, EURASIP J. Adv. Signal Process. 2007 (2006)
  • C.E. Shannon, A mathematical theory of communication, ACM SIGMOBILE Mobile Comput. Commun. Rev. 5 (2001), pp. 3–55. doi:10.1145/584091.584093.
  • C. Shannon, and W. Weaver, The Mathematical Theory of Communication, Illinois University Press, Urbana, 1949.
  • W.A. Shewhart, Some applications of statistical methods to the analysis of physical and engineering data, Bell Syst. Techn. J. 3(1924), pp. 43–87. doi:10.1002/j.1538-7305.1924.tb01347.x.
  • A.G. Tartakovsky, B.L. Rozovskii, R.B. Blazek, and H. Kim, A novel approach to detection of intrusions in computer networks via adaptive sequential and batch-sequential change-point detection methods, IEEE Trans. Signal Process. 54 (2006), pp. 3372–3382. doi:10.1109/TSP.2006.879308.
  • S. Verron, T. Tiplica, and A. Kobi, Fault detection and identification with a new feature selection based on mutual information, J. Process Control 18 (2008), pp. 479–490. doi:10.1016/j.jprocont.2007.08.003.

Reprints and Corporate Permissions

Please note: Selecting permissions does not provide access to the full text of the article, please see our help page How do I view content?

To request a reprint or corporate permissions for this article, please click on the relevant link below:

Order Reprints Request Corporate Permissions

Academic Permissions

Please note: Selecting permissions does not provide access to the full text of the article, please see our help page How do I view content?

Obtain permissions instantly via Rightslink by clicking on the button below:

Request Academic Permissions

If you are unable to obtain permissions via Rightslink, please complete and submit this Permissions form. For more information, please visit our Permissions help page.

Related research

People also read lists articles that other readers of this article have read.

Recommended articles lists articles that we recommend and is powered by our AI driven recommendation engine.

Cited by lists all citing articles based on Crossref citations.
Articles with the Crossref icon will open in a new tab.