Abstract
We present a novel approach to identifying anomalous network events. Specifically, a method for characterizing and displaying the flow of conversations across a distributed system with a high number of interacting entities is discussed and analyzed. Results from attacks contained in the DARPA Lincoln Lab IDS test data and from operational network traffic are presented. These results suggest that our approach presents a unique perspective on anomalies in computer network traffic.
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Mylavarapu, S., McEachen, J.C., Zachary, J.M., Walch, S.L., Marinovich, J.S. (2004). Modeling Traffic Flow Using Conversation Exchange Dynamics for Identifying Network Attacks. In: Freire, M.M., Chemouil, P., Lorenz, P., Gravey, A. (eds) Universal Multiservice Networks. ECUMN 2004. Lecture Notes in Computer Science, vol 3262. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30197-4_32
DOI: https://doi.org/10.1007/978-3-540-30197-4_32
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-23551-4
Online ISBN: 978-3-540-30197-4
eBook Packages: Springer Book Archive