Paper Abstract and Keywords |
Presentation |
2007-04-24 09:25
Detecting Causal Hosts of Anomalous Traffic using Difference of Anomaly Score Yuji Waizumi, Hideki Saga, Hiroshi Tsunoda, Yoshiaki Nemoto (Tohoku Univ.) CS2007-7 |
Abstract |
(in Japanese) |
(See Japanese page) |
(in English) |
e propose a method to specify hosts which
send anomalous pakects when a notwork anomaly is detected.
Our proposed method supposes an anomaly detection technoque based time
slot observation.
In many cases, the time slot base observation will not extract
information to discriminate each host which send packets in each slot.
It is difficult to detect true anomalous hosts from
multiple hosts sending packets which are the same kind of packets
detected as anomaly.
Our proposed method reconstructs traffic dump data by eliminating
packets of each host which is a candidate of anomalous host,
and recalculates an Anomaly Score using ther reconstructed dump data.
The proposed method detect true anomalous host based on the
recalculated Anomaly Score. |
Keyword |
(in Japanese) |
(See Japanese page) |
(in English) |
Specifing Anomaly Cause Host / Traffic Data Reconstruction / Anomaly Detection / / / / / |
Reference Info. |
IEICE Tech. Rep., vol. 107, no. 18, CS2007-7, pp. 37-42, April 2007. |
Paper # |
CS2007-7 |
Date of Issue |
2007-04-16 (CS) |
ISSN |
Print edition: ISSN 0913-5685 Online edition: ISSN 2432-6380 |
Copyright and reproduction |
All rights are reserved and no part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopy, recording, or any information storage and retrieval system, without permission in writing from the publisher. Notwithstanding, instructors are permitted to photocopy isolated articles for noncommercial classroom use without fee. (License No.: 10GA0019/12GB0052/13GB0056/17GB0034/18GB0034) |
Download PDF |
CS2007-7 |
Conference Information |
Committee |
CQ CS |
Conference Date |
2007-04-23 - 2007-04-24 |
Place (in Japanese) |
(See Japanese page) |
Place (in English) |
Kagoshima University |
Topics (in Japanese) |
(See Japanese page) |
Topics (in English) |
Media Quality, Quality Evaluation Model, Reliability, Security, Quality of Ubiquitous/Broadband Networks, etc |
Paper Information |
Registration To |
CS |
Conference Code |
2007-04-CQ-CS |
Language |
Japanese |
Title (in Japanese) |
(See Japanese page) |
Sub Title (in Japanese) |
(See Japanese page) |
Title (in English) |
Detecting Causal Hosts of Anomalous Traffic using Difference of Anomaly Score |
Sub Title (in English) |
|
Keyword(1) |
Specifing Anomaly Cause Host |
Keyword(2) |
Traffic Data Reconstruction |
Keyword(3) |
Anomaly Detection |
Keyword(4) |
|
Keyword(5) |
|
Keyword(6) |
|
Keyword(7) |
|
Keyword(8) |
|
1st Author's Name |
Yuji Waizumi |
1st Author's Affiliation |
Tohoku University (Tohoku Univ.) |
2nd Author's Name |
Hideki Saga |
2nd Author's Affiliation |
Tohoku University (Tohoku Univ.) |
3rd Author's Name |
Hiroshi Tsunoda |
3rd Author's Affiliation |
Tohoku University (Tohoku Univ.) |
4th Author's Name |
Yoshiaki Nemoto |
4th Author's Affiliation |
Tohoku University (Tohoku Univ.) |
5th Author's Name |
|
5th Author's Affiliation |
() |
6th Author's Name |
|
6th Author's Affiliation |
() |
7th Author's Name |
|
7th Author's Affiliation |
() |
8th Author's Name |
|
8th Author's Affiliation |
() |
9th Author's Name |
|
9th Author's Affiliation |
() |
10th Author's Name |
|
10th Author's Affiliation |
() |
11th Author's Name |
|
11th Author's Affiliation |
() |
12th Author's Name |
|
12th Author's Affiliation |
() |
13th Author's Name |
|
13th Author's Affiliation |
() |
14th Author's Name |
|
14th Author's Affiliation |
() |
15th Author's Name |
|
15th Author's Affiliation |
() |
16th Author's Name |
|
16th Author's Affiliation |
() |
17th Author's Name |
|
17th Author's Affiliation |
() |
18th Author's Name |
|
18th Author's Affiliation |
() |
19th Author's Name |
|
19th Author's Affiliation |
() |
20th Author's Name |
|
20th Author's Affiliation |
() |
Speaker |
Author-1 |
Date Time |
2007-04-24 09:25:00 |
Presentation Time |
25 minutes |
Registration for |
CS |
Paper # |
CS2007-7 |
Volume (vol) |
vol.107 |
Number (no) |
no.18 |
Page |
pp.37-42 |
#Pages |
6 |
Date of Issue |
2007-04-16 (CS) |
|