Journal name: International Journal of Computer Network and Information Security
Print ISSN: 2074-9090
Electronic ISSN: 2231-4946
Publication year: 2020
Volume: 12
Issue: 6
Pages: 1-13
DOI: 10.5815/ijcnis.2020.06.01
Publisher: MECS Publisher
Abstract: The presented paper is topical because the quantity and diversity of attacks on computer networks increase year on year, causing significant losses for companies. This work addresses the following problems: existing methods for locating anomalies and current hazards in networks; consideration of statistical methods as effective methods of anomaly detection; and experimental determination of the chosen method's effectiveness. A method of network traffic capture and analysis during passive monitoring of a network segment is considered in this work. Also, a way of processing numerous network traffic indexes for further evaluation of the network information safety level is proposed. Use of the presented methods and concepts allows the reliability of a network segment to be increased by means of prompt capture of network anomalies that could indicate possible hazards; such information is very useful for the network administrator. To prove the method's effectiveness, several network attacks, whose data is stored in the specialised DARPA dataset, were chosen. Relevant parameters for every attack type were calculated. In this way, the start and termination time of the attack could be obtained by this method with insignificant error for some methods.
Keywords: Anomaly Detection; Cyberattacks; Information Security; Data Analysis; Technology Architecture; Abnormal Traffic Behavior; Vulnerability; Security; Threat Model