By Topic

Analysis of the Impact of Intensive Attacks on the Self-Similarity Degree of the Network Traffic

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

4 Author(s)
Pedro R. M. Inácio ; IT-Networks & Multimedia Group, Univ. of Beira Interior, Amadora ; Mário M. Freire ; Manuela Pereira ; Paulo P. Monteiro

The research on how to use self-similarity for intrusion detection is not unfounded, as the scaling properties seem to partially define the very nature of aggregated traffic, and may become a potential differentiating factor in the presence of an anomaly. This paper explains how network intensive attacks can be injected into simulated traces of traffic, to then evolve to their analysis using a fast windowed version of the Variance Time (VT) estimator, optimized for the purpose of estimating the self-similarity degree in a point-by-point manner. The estimator is also applied to a trace of the well known Massachusetts Institute of Technology / Defense Advanced Research Projects Agency (MIT/DARPA) data set, leading to the conclusion that, during an attack, the insertion of a constant component may induce a significant increase of the local scope self-similarity degree, which may be used to suspect of the malicious activities and trigger further monitoring mechanisms.

Published in:

2008 Second International Conference on Emerging Security Information, Systems and Technologies

Date of Conference:

25-31 Aug. 2008