Abstract
Intrusion detection system can make effective alarm for illegality of network users, which is absolutely necessarily and important to build security environment of communication base service. According to the principle that the number of network traffic can affect the degree of self-similar traffic, the paper investigates the variety of self-similarity resulted from unconventional network traffic. A network traffic model based on normal behaviors of user is proposed and the Hurst parameter of this model can be calculated. By comparing the Hurst parameter of normal traffic and the self-similar parameter, we can judge whether the network is normal or not and alarm in time.
Similar content being viewed by others
References
Anderson J P.Computer Security Threat Monitoring and Surveillance. Technical Report. Washington: James P Anderson Co, Fort Apr 1980. <http://csrc.nist.gov/publications/history/> May 2004.
Bian Zhao-qi, Yan Ping-fan, Yang Cun-rong.Pattern Recognition. Beijing: Tsinghua University Press, 1988 (Ch).
Lunt T F, Tamaru A, Gilham F,et al. A Real Time Instrusion Detection Expert System (IDES).http://www.sdl.sri.com/projects/nides/reports/qsri.pdf, May 2004.
Kumar G.Classi fication and Detection of Computer Intrusions [Ph. D. Dissertation], West Lafayette: Purdue University, 1995.
White G B, Fisch E A, Pooch U W. Cooperating Security Managers: A Peer Based Intrusion Detection System.IEEE Network, 1996,10(1):20–23.
Crovella M E, Bestavros A. Self-Similarity in World Wide Web Traffic: Evidence and Possible Causes.IEEE/ACM Trans on Networking, 1997,5(6):835–846.
Leland W E, Taqqu M S, Willinger W,et al. On the Self-Similar Nature of Ethernet Traffic.IEEE/ACM Trans On Networking, 1994,2(1):1–15.
Hochberg J, Jackson K, Staltings C,et al. NADIR: An Automated System for Detecting Network Intrusion and Misuse.Computer and Security, 1993,12(3):235–248.
Forrest S, Hofmery S A, Somayaji A. Computer Immunology.Communications of the ACM, 1997,40(10):88–96.
Zhang Lian-fang, Xue Fei, Shu Yan-tai. Models of Self-Similar Traffic On High-Speed Network And The Performance Evaluation.Computer Research and Development, 1998,35 (6):548–552 (Ch).
Author information
Authors and Affiliations
Corresponding author
Additional information
Foundation item: Supported by the Natural Science Foundation of Hunan Province (03JJY3103)
Biography: YU Fei (1973-), male, Ph. D candidate, research direction: network security.
Rights and permissions
About this article
Cite this article
Fei, Y., Miao-liang, Z., Yu-feng, C. et al. An intrusion alarming system based on self-similarity of network traffic. Wuhan Univ. J. Nat. Sci. 10, 169–173 (2005). https://doi.org/10.1007/BF02828642
Received:
Issue Date:
DOI: https://doi.org/10.1007/BF02828642