Anomaly detection in TCP/IP networks
Authors:
- Joanna Kołodziej,
- Mateusz Krzysztoń,
- Paweł Szynkiewicz
Abstract
Intrusion Detection Systems (IDS) should be capable of quickly detecting attacks and network traffic anomalies to reduce the damage to the network components. They may efficiently detect threats based on prior knowledge of attack characteristics and the potential threat impact ('known attacks'). However, IDS cannot recognise threats, and attacks ('unknown attacks') usually occur when using brand-new technologies for system damage. This paper presents two security services – Net Anomaly Detector (NAD) and a signature-based PGA Filter for detecting attacks and anomalies in TCP/IP networks. Both services are modules of the cloud-based GUARD platform developed in the H2020 GUARD project. Such a platform was the main component of the simulation environment in the work presented in this paper. The provided experiments show that both modules achieved satisfactory results in detecting an unknown type of DoS attacks and signatures of DDoS attacks.
- Record ID
- CUT327559c198ce471c8771d111e918e2d1
- Pages
- 542-548
- Other elements of collation
- diagrams; tables; charts; Bibliography (on pp.) - 547-548; Bibliography (number of items) - 23; Abstract designation - Abstr.
- Substantive notes
- Publisher according to the copyright notice.
- Place of publication according to the publisher's seat.
- MNiSW/MEiN score (chapter) - 5
- Book
- Enrico Vicario, Romeo Bandinelli, Virginia Fani [et al.] (eds.): ECMS 2023 : proceedings of the 37th ECMS International Conference on Modelling and Simulation, June 20th – June 23rd, 2023 Florence, Italy, European Conference for Modelling and Simulation, no. Vol. 37, Iss. 1, 2023, Caserta, ECMS, ISBN 978-3-937436-80-7 (Print)
- Keywords in English
- anomaly detection, machine learning, cybersecurity, TCP/IP
- URL
- https://www.scs-europe.net/dlib/dl-index.htm
- Language
- eng (en) English
- Score (nominal)
- 5
- Score source
- publisherList
- Additional fields
- Indexed in: CORE
- Uniform Resource Identifier
- https://cris.pk.edu.pl/info/article/CUT327559c198ce471c8771d111e918e2d1/
- URN
urn:pkr-prod:CUT327559c198ce471c8771d111e918e2d1
* The presented citation count is obtained through Internet information analysis, and it is close to the number calculated by the Publish or Perish system.