Presentation 2005-04-21
Design and Implementation of Anomaly Detection System with Classified Packet Counting
Kunio GOTO, Koji KOJIMA
Abstract(in Japanese) (See Japanese page)
Abstract(in English) In this research, a practical application for quasi-realtime detection of intrusions and network failures was designed and implemented. IP packet headers are counted at a monitoring point such as a border gateway router and summarized every 5 minutes. Four kinds of statistical analysis are then applied to the 5-minute summaries to find a sudden increase or decrease in each tuple. As a result, the developed application runs well on a standard desktop PC. Warnings are reported within at most 1 minute after every 5-minute summary. In addition to the warning reports, Web interfaces are implemented to help the administrator trace the cause of a warning.
Keyword(in Japanese) (See Japanese page)
Keyword(in English) intrusion detection / anomaly traffic detection
Paper # NS2005-4
Date of Issue

Conference Information
Committee NS
Conference Date 2005/4/14 (1 day)
Place (in Japanese) (See Japanese page)
Place (in English)
Topics (in Japanese) (See Japanese page)
Topics (in English)
Chair
Vice Chair
Secretary
Assistant

Paper Information
Registration To Network Systems(NS)
Language JPN
Title (in Japanese) (See Japanese page)
Sub Title (in Japanese) (See Japanese page)
Title (in English) Design and Implementation of Anomaly Detection System with Classified Packet Counting
Sub Title (in English)
Keyword(1) intrusion detection
Keyword(2) anomaly traffic detection
1st Author's Name Kunio GOTO
1st Author's Affiliation Department of Information and Telecommunication Engineering, Nanzan University
2nd Author's Name Koji KOJIMA
2nd Author's Affiliation Graduate School of Business Administration, Nanzan University
Date 2005-04-21
Paper # NS2005-4
Volume (vol) vol.105
Number (no) 12
Page pp.pp.-
#Pages 4
Date of Issue