The aim of this research is to increase network attack detection accuracy by means of fuzzy logic. This paper considers an approach to intrusion detection using fuzzy logic. The approach is based on network monitoring of the variables characteristic of different network anomalies, such as the ratio of incoming to outgoing traffic, packet size, etc. Every type of menace is characterized by a vector...
Nowadays, organizations face the problem of keeping their information protected, available and trustworthy. In this context, machine learning techniques have also been extensively applied to this task. Since manual labeling is very expensive, several works attempt to handle intrusion detection with traditional clustering algorithms. In this paper, we introduce a new pattern recognition technique called...
In recent years, society has come to rely heavily on network infrastructure and information systems. Protecting these assets from frequent network attacks requires deploying distributed security systems. However, the amount of data produced by many distributed security tools can be overwhelming. So it is very difficult, and of limited effectiveness, to find the most risky alert through a manual process based on the huge network...
This paper presents a mobile application based on providing Location Based Services (LBS) using Global Positioning System (GPS) as a location provider. The main objective of this work is to design and implement a client server system that helps the system to know the location of their employees and also alerts the employee when they are nearby. The mobile application was implemented using J2ME where...
This paper presents a method for modeling switching networks with overflow links that are offered multi-service traffic generated by a limited number of sources. A particular emphasis is put on the possibility to achieve a significant reduction in the blocking probability in the switching network that will result from the application of additional overflow links in the first stage of the switching...
The Suricata intrusion-detection system for computer-network monitoring has been advanced as an open-source improvement on the popular Snort system that has been available for over a decade. Suricata includes multi-threading to improve processing speed beyond Snort. Previous work comparing the two products has not used a real-world setting. We did this and evaluated the speed, memory requirements,...
Intrusion detection systems that make use of artificial intelligence techniques in order to improve effectiveness have been actively pursued in the last decade. Neural networks and Support Vector Machines have also been extensively applied to this task. However, the cost of learning new attacks with them has become very high, making them unviable for real-time retraining. In this research, we introduce...
Our network infrastructure is exposed to persistent threats of DDoS and many unknown attacks. These threats endanger the availability of the ISP's network and services. This paper proposes a network-based anomalous traffic detection method and presents an anomalous traffic detection system, its architecture and main function blocks. Every five minutes, traffic information and security events are gathered...
Accurate measurement of available bandwidth (ABW) is an important parameter to analyze network performance. Active measurement is an attractive approach as it has the advantage of controllability and flexibility for performing network measurement. However, it can affect both the data traffic and the measurement process itself if a significant amount of probe traffic is injected into the network. Furthermore,...
The frequent items problem is to process a stream as a stream of items and find all items occurring more than a given fraction of the time. It is one of the most heavily studied problems in data stream mining, dating back to the 1980s. To address the higher false positive rate of the Space-Saving algorithm, an LRU-based (Least Recently Used, LRU) improved algorithm with low-frequency items pre-eliminated...
Port-based or payload-based analysis is becoming difficult for accurate traffic identification when many applications use dynamic port numbers and encryption to avoid detection. In this paper we present an approach for online traffic classification relying on the observation of the first n packets of a flow. The packet size and inter-arrival times of the individual packets, rather than the statistic...
The paper proposes a network path situation assessment scheme in which the basic probability assignment functions of the local status and the stale path status are obtained using fuzzy sets. The metrics situation set then becomes the evidence for the path situation decision. Thus, the path situation set is built from the fused evidence by evidence theory. The situation with the maximal confidence...
Current technologies for computer network and host defense do not provide suitable information to support strategic and tactical decision making processes. Although pattern-based malware detection is an active research area, the additional context of the type of malware can improve cyber situational awareness. This additional context is an indicator of threat capability thus allowing organizations...
In a networked motion control system, network bandwidth restrictions force the sampling period to increase, which degrades motion accuracy. This paper takes a TCP network as the network infrastructure and applies traditional linear interpolation in the slave system, so that the slave system has a smaller sampling period than the remote system and thus maintains motion precision. About data dropout...
Accurate traffic classification is critical in network security monitoring and traffic engineering. To overcome the deficiencies of traditional traffic classification methods based on port mapping and signature matching, several machine learning techniques have been proposed. However, there are two main challenges in classifying network traffic using machine learning methods. Firstly, labeled samples are scarce...
Analyzing, understanding and predicting failure is of paramount importance to achieve effective fault management. While various fault prediction methods have been studied in the past, many of them are not practical for use in real systems. In particular, they fail to address two crucial issues: one is to provide location information (i.e., the components where the failure is expected to occur on)...
A general strategy for improving the performance of classifiers is to consider a multiple-classifier approach. Previous research has shown that combining different types of classifiers provides good classification results. We noticed a rising interest in incorporating a single Bayesian classifier into the multiple-classifier framework. In this light, this research work explored the possibility...
Knowledge of the traffic behavior characteristics of every application has a vital effect on the accuracy and granularity of application identification. Based on an analysis of Chi-Square statistics, a novel method named ABSA is proposed to analyze the traffic behavior characteristics of applications. The ABSA method does not focus on any particular application; in contrast, it aims at providing a quantitative...
Data mining is the use of algorithms to extract the information and patterns derived by the knowledge discovery in databases process. Classification maps data into predefined groups or classes. It is often referred to as supervised learning because the classes are determined before examining the data. In many data mining applications that address classification problems, feature and model selection...
Intrusion detection systems (IDS), as a part of today's networks, raise millions of low-level alerts every day. Consequently, it is difficult for humans to analyze them. Alert correlation techniques have been developed in recent years to decrease the number of alerts and provide a high-level abstraction of them for a network administrator. In this paper, we suggest a new method for correlating alerts...