Detecting Network Events by Analyzing Dynamic Behavior of Distributed Network

  • Haishou Ma
  • Yi XieEmail author
  • Zhen Wang
Conference paper
Part of the Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering book series (LNICST, volume 262)


Detecting network events has become a prevalent task in various network scenarios, which is essential for network management. Although a number of studies have been conducted to solve this problem, few of them concern about the universality issue. This paper proposes a General Network Behavior Analysis Approach (GNB2A) to address this issue. First, a modeling approach is proposed based on hidden Markov random field. Markovianity is introduced to model the spatio-temporal context of distributed network and stochastic interaction among interconnected and time-continuous events. Second, an expectation maximum algorithm is derived to estimate parameters of the model, and a maximum a posteriori criterion is utilized to detect network events. Finally, GNB2A is applied to three network scenarios. Experiments demonstrate the generality and practicability of GNB2A.


Behavior analysis Event detection Network modeling 


  1. 1.
    Buczak, A.L., Guven, E.: A survey of data mining and machine learning methods for cyber security intrusion detection. IEEE Commun. Surv. Tutor. 18(2), 1153–1176 (2016). Scholar
  2. 2.
    Demigha, O., Hidouci, W.K., Ahmed, T.: On energy efficiency in collaborative target tracking in wireless sensor network: a review. IEEE Commun. Surv. Tutor. 15(3), 1210–1222 (2013). Scholar
  3. 3.
    Khaleghi, B., Khamis, A., Karray, F.O., Razavi, S.N.: Multisensor data fusion: a review of the state-of-the-art. Inf. Fusion 14(1), 28–44 (2013)., Scholar
  4. 4.
    Othman, M.F., Shazali, K.: Wireless sensor network applications: a study in environment monitoring system. Procedia Eng. 41, 1204–1210 (2012)CrossRefGoogle Scholar
  5. 5.
    Ramaki, A.A., Amini, M., Atani, R.E.: Rteca: real time episode correlation algorithm for multi-step attack scenarios detection. Comput. Secur. 49, 206–219 (2015)., Scholar
  6. 6.
    Wu, S., Liu, S., Lin, W., Zhao, X., Chen, S.: Detecting remote access trojans through external control at area network borders. In: 2017 ACM/IEEE Symposium on Architectures for Networking and Communications Systems (ANCS), pp. 131–141 (2017).
  7. 7.
    Xu, Q., Xiang, E.W., Yang, Q., Du, J., Zhong, J.: SMS spam detection using noncontent features. IEEE Intell. Syst. 27(6), 44–51 (2012). Scholar
  8. 8.
    Zhou, C.V., Leckie, C., Karunasekera, S.: A survey of coordinated attacks and collaborative intrusion detection. Comput. Secur. 29(1), 124–140 (2010)., Scholar

Copyright information

© ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering 2019

Authors and Affiliations

  1. 1.School of Electronics and Information TechnologySun Yat-sen UniversityGuangzhouChina
  2. 2.School of Data and Computer ScienceSun Yat-sen UniversityGuangzhouChina

Personalised recommendations