Alexey A. Didyk Kherson national technical university, Ukraine

Intrusion/anomaly detection is an important component of information security. It is the process of identifying computing or network activity that is malicious or unauthorized. Identifying a set of informative characteristics for detecting abnormal network activity is therefore a top-priority problem in protecting computer systems from unauthorized intrusions.

The idea is to examine whether the multifractal properties of network traffic containing some attacks differ from the multifractal properties of normal traffic.

A fractal is a structure (set) consisting of parts that are, in some sense, similar to the whole. It is well known that the geometrical complexity of a fractal set may be described, at least in a global way, by giving its dimension. The fractal (Hausdorff) dimension D measures the degree of irregularity or roughness of a set. A fractal is a set whose Hausdorff dimension is strictly greater than its topological dimension.

A multifractal is a certain association of various homogeneous fractal subsets of an initial set, each of which has its own value of fractal (Hausdorff) dimension. The multifractal spectrum (multifractal singularity spectrum) is the spectrum of Hausdorff dimensions of the homogeneous fractal subsets into which the initial set can be broken. Multifractal analysis is concerned with describing the local singular behavior of measures, distributions, or functions in a geometrical and statistical fashion.

The dataset is a version of the 1999 DARPA intrusion detection evaluation dataset generated and managed by MIT Lincoln Labs. The data represents both normal and abnormal information collected in a test network in which simulated attacks were performed. The number of packets was selected as the parameter from which to obtain the multifractal characteristics of network traffic. This parameter was sampled each second (i.e. number of packets per second), using tcpstat.
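One way to compute such a spectrum from a packets-per-second series, added here as an illustration and not taken from the author's slides. The slides do not name the estimator, so this example assumes the box-counting partition-function method (mass exponents τ(q) from dyadic box sums, then a Legendre transform to f(α)); the two input series are constructed stand-ins for tcpstat output, not DARPA data.

```python
import math

def slope(xs, ys):
    """Least-squares slope of ys against xs."""
    mx, my = sum(xs) / len(xs), sum(ys) / len(ys)
    return sum((x - mx) * (y - my) for x, y in zip(xs, ys)) / sum((x - mx) ** 2 for x in xs)

def tau(series, qs):
    """Mass exponents tau(q) from dyadic box sums of a packets-per-second series."""
    n = 1 << (len(series).bit_length() - 1)   # largest power-of-two prefix
    total = float(sum(series[:n]))
    if n < 4 or total <= 0:
        raise ValueError("need at least 4 samples with nonzero traffic")
    boxes = [x / total for x in series[:n]]   # normalised measure at 1 s resolution
    levels, size = [], 1                      # (log2 of relative box size, box masses)
    while len(boxes) >= 2:
        levels.append((math.log2(size / n), boxes))
        boxes = [boxes[i] + boxes[i + 1] for i in range(0, len(boxes), 2)]
        size *= 2
    xs = [lv[0] for lv in levels]
    # Z(q, s) = sum of box masses to the power q; empty boxes are skipped so q < 0 is defined
    return [slope(xs, [math.log2(sum(m ** q for m in lv[1] if m > 0)) for lv in levels])
            for q in qs]

def spectrum(series, q_max=5.0, dq=0.25):
    """(alpha, f(alpha)) points via the Legendre transform of tau(q)."""
    qs = [-q_max + i * dq for i in range(int(2 * q_max / dq) + 1)]
    t = tau(series, qs)
    points = []
    for i in range(1, len(qs) - 1):
        alpha = (t[i + 1] - t[i - 1]) / (2 * dq)   # alpha(q) = d tau / d q
        points.append((alpha, qs[i] * alpha - t[i]))
    return points

def width(series):
    """Spread of singularity exponents; near 0 for monofractal traffic."""
    alphas = [a for a, _ in spectrum(series)]
    return max(alphas) - min(alphas)

def binomial_cascade(depth, p):
    """Constructed test signal with known tau(q) = -log2(p**q + (1-p)**q)."""
    masses = [1.0]
    for _ in range(depth):
        masses = [m * w for m in masses for w in (p, 1 - p)]
    return masses

# Constructed inputs standing in for tcpstat output (not DARPA data)
flat = [100] * 1024                                     # constant packet rate
bursty = [1e6 * m for m in binomial_cascade(10, 0.7)]   # strongly intermittent rate
print(round(width(flat), 3), round(width(bursty), 3))
```

Comparing `width()` or the full `spectrum()` points between a baseline window and a window under test is one way to use the spectrum as the comparative diagnostic the slides describe.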

Multifractal spectrum of NORMAL (LEFT) and ABNORMAL (RIGHT) network traffic

- The multifractal spectra of the two kinds of network traffic differ.
- The multifractal formalism can be used to analyze network traffic for the purpose of revealing abnormal network activity.
- The multifractal spectrum can be used as a rapid diagnostic tool for comparative analysis of network traffic structure.

Alexey Didyk