Second IEEE International Information Assurance Workshop (IWIA'04)
Conversation Exchange Dynamics for Real-Time Network Monitoring and Anomaly Detection
Charlotte, North Carolina
April 08-April 09
ISBN: 0-7695-2117-7
John Zachary, University of South Carolina, Columbia
John McEachen, Naval Postgraduate School, Monterey, CA
Dan Ettlich, Naval Postgraduate School, Monterey, CA
This paper presents a model for real-time network monitoring and anomaly detection that provides a holistic view of network conversation exchanges. We argue that monitoring and anomaly detection are necessary mechanisms for ensuring secure and dependable network computing infrastructure. The model for network traffic exchange is based on a modified Ehrenfest urn model. The motivation for the model is heavily influenced by the success of statistical physics in providing macrostate descriptions of physical systems when the exact microstate parameters of each element in the system preclude understanding from first principles. The conversation exchange dynamics model for real-time network monitoring and anomaly detection is formally described. The model induces a unique real-time visualization capability for network monitoring and detection of anomalous events. An implementation of the model and visualization capability is presented along with laboratory tests and successful detection of real-world events, including a Code Red worm attack.
Index Terms:
Network assurance, network anomaly detection, real-time network monitoring, visualization, denial of service
Citation:
John Zachary, John McEachen, Dan Ettlich, "Conversation Exchange Dynamics for Real-Time Network Monitoring and Anomaly Detection," iwia, pp.59, Second IEEE International Information Assurance Workshop (IWIA'04), 2004