Investigation of the performance of GAFT, a novel network anomaly fault detection system

被引:0
作者
Li, J [1 ]
Manikopoulos, C [1 ]
机构
[1] New Jersey Inst Technol, Dept Elect & Comp Engn, Newark, NJ 07102 USA
来源
LCN 2002: 27TH ANNUAL IEEE CONFERENCE ON LOCAL COMPUTER NETWORKS, PROCEEDINGS | 2002年
关键词
network management; soft fault detection; statistical processing; neural network classification; Internet;
D O I
暂无
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
In this paper we investigate the performance of a novel hierarchical, distributed, multi-tier, multi-window fault detection system, namely the Generalized Anomaly and Fault Threshold (GAFT) system. We have carried out extensive simulation experiments of network resource and service deterioration, under two kinds of challenging conditions: in the presence of increasing intensities of class-alien traffic congestion and for a fixed intensity of anomaly traffic, but of varying characteristics, i.e., the distribution of fault packet length and inter-arrival interval. The corresponding numerical results demonstrate that GAFT is very efficient and can reliably detect the soft fault with traffic anomaly intensity as low as three percent of the typical background traffic intensity. Moreover, while GAFT is sensitive to the characteristics of the distributions that shape the fault under observation, it is very powerful in discerning even the most challenging cases, when the fault has very similar defining distribution characteristics to the prevailing background.
引用
收藏
页码:249 / 258
页数:10
相关论文
共 9 条
[1]  
[Anonymous], 1994, NEURAL NETWORK COMPR
[2]   Statistical traffic modeling for network intrusion detection [J].
Cabrera, JBD ;
Ravichandran, B ;
Mehra, RK .
8TH INTERNATIONAL SYMPOSIUM ON MODELING, ANALYSIS AND SIMULATION OF COMPUTER AND TELECOMMUNICATION SYSTEMS, PROCEEDINGS, 2000, :466-473
[3]  
CARPENTER GA, 1992, INT JOINT C NEUR NET
[4]   NEURAL NET NONLINEAR PREDICTION FOR SPEECH DATA [J].
DILLON, RM ;
MANIKOPOULOS, CN .
ELECTRONICS LETTERS, 1991, 27 (10) :824-826
[5]   Detecting anomalous and unknown intrusions against programs [J].
Ghosh, AK ;
Wanken, J ;
Charron, F .
14TH ANNUAL COMPUTER SECURITY APPLICATIONS CONFERENCE, PROCEEDINGS, 1998, :259-267
[6]  
JIANG S, 1995, P IEEE SING INT C NE, P265
[7]  
*NEUR INC, 1998, NEUR COMP TECHN HDB
[8]  
Valdes A., 1995, STAT METHODS COMPUTE
[9]  
ZHANG Z, 2001, P IEEE IFIP MMNS 200