Anomaly detection in computer networks using higher-order dependencies
Matek, Tadej (Author), Šubelj, Lovro (Mentor)

PDF - Presentation file (488,63 KB)
MD5: 7A14E20341350B8660A19861AA81226C
PID: 20.500.12556/rul/21cf0732-8b21-462d-9d03-db5a8527c5fa

Abstract
Today we know of an unlimited number of network attacks that exploit vulnerabilities in the structure of the Internet and of network protocols. In our work, we approach the problem of detecting anomalies in network traffic from the perspective of network science. We model the interactions between different network protocols as dynamics on a graph. We show that the usual approach to graph construction is severely limited and unsuitable for modelling patterns in paths that contain more than two steps. We develop an anomaly detection method based on higher-order patterns and show that it correctly detects a UDP packet flood. We also explore the mutual interaction between network protocols and the most common patterns in network traffic.

Language: English
Keywords: network traffic anomalies, network attacks, network science, higher-order dependencies, network protocols
Work type: Master's thesis/paper
Organization: FRI - Faculty of Computer and Information Science
Year: 2017
PID: 20.500.12556/RUL-96669
Publication date in RUL: 09.10.2017

Secondary language

Language: Slovenian
Title: Anomaly detection in computer networks using higher-order dependencies
Abstract:
Nowadays, countless network attacks are known, exploiting the vulnerability of network protocols and Internet topology. In our work, we tackle the problem of anomaly detection in computer communication networks from the standpoint of network analysis. We model the interactions between different network protocols as dynamics in a graph. We demonstrate that the traditional approach to constructing a graph is inadequate and fails to capture correlations in paths of length larger than two. We devise an anomaly detection procedure based on higher-order dependencies and show that it correctly identifies a UDP flood attack. We give insights into how computer communication protocols interact and what the most common traffic patterns in the Internet are.

Keywords: network anomalies, network attacks, network science, higher-order dependencies, Internet protocols
