
Detecting Network Events by Analyzing Dynamic Behavior of Distributed Network

  • Haishou Ma
  • Yi Xie
  • Zhen Wang
Conference paper
Part of the Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering book series (LNICST, volume 262)

Abstract

Detecting network events has become a prevalent task in various network scenarios and is essential for network management. Although a number of studies have been conducted to solve this problem, few of them address the issue of universality. This paper proposes a General Network Behavior Analysis Approach (GNB2A) to address this issue. First, a modeling approach is proposed based on a hidden Markov random field. Markovianity is introduced to model the spatio-temporal context of the distributed network and the stochastic interaction among interconnected and time-continuous events. Second, an expectation-maximization algorithm is derived to estimate the parameters of the model, and a maximum a posteriori criterion is used to detect network events. Finally, GNB2A is applied to three network scenarios. Experiments demonstrate the generality and practicability of GNB2A.

Keywords

Behavior analysis; Event detection; Network modeling


Copyright information

© ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering 2019

Authors and Affiliations

  1. School of Electronics and Information Technology, Sun Yat-sen University, Guangzhou, China
  2. School of Data and Computer Science, Sun Yat-sen University, Guangzhou, China
