Real-Time Representation of Network Traffic Behavior for Enhanced Security

I
ICITA
2005
Third International Conference on Information Technology and Applications (ICITA'05) Volume 2
Abstract - Real-Time Representation of Network Traffic Behavior for Enhanced Security

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by John C. McEachen Articles by John M. Zachary

Third International Conference on Information Technology and Applications (ICITA'05) Volume 2

Sydney, Australia

July 04-July 07

ISBN: 0-7695-2316-1

	ASCII Text	x
	John C. McEachen, John M. Zachary, "Real-Time Representation of Network Traffic Behavior for Enhanced Security," Information Technology and Applications, International Conference on, vol. 2, pp. 214-219, Third International Conference on Information Technology and Applications (ICITA'05) Volume 2, 2005.

	BibTex	x
	@article{ 10.1109/ICITA.2005.230, author = {John C. McEachen and John M. Zachary}, title = {Real-Time Representation of Network Traffic Behavior for Enhanced Security}, journal ={Information Technology and Applications, International Conference on}, volume = {2}, year = {2005}, isbn = {0-7695-2316-1}, pages = {214-219}, doi = {http://doi.ieeecomputersociety.org/10.1109/ICITA.2005.230}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Information Technology and Applications, International Conference on TI - Real-Time Representation of Network Traffic Behavior for Enhanced Security SN - 0-7695-2316-1 SP214 EP219 A1 - John C. McEachen, A1 - John M. Zachary, PY - 2005 KW - Intrusion detection KW - network diagnostics KW - statistical mechanics VL - 2 JA - Information Technology and Applications, International Conference on ER -

John C. McEachen, Naval Postgraduate School

John M. Zachary, Innovative Emergency Management, Inc.

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ICITA.2005.230

This paper presents a model for real-time network monitoring and anomaly detection that provides a holistic view of network conversation exchanges. We argue that monitoring and anomaly detection are necessary mechanisms for ensuring secure and dependable network computing infrastructure. The model for network traffic exchange is based on a modified Ehrenfest urn model and combines statistical physics and queuing theory to provide macrostate descriptions of complex networked systems when the exact microstate parameters of each element in the system precludes global understanding from first principles. The conversation exchange dynamics model for real-time network monitoring and anomaly detection is formally presented in this context as a system-driven data reduction model. The model induces a unique real-time visualization capability for network monitoring and detection of anomalous events. An implementation of the model and visualization capability is presented along with laboratory tests and successful detection of computer network attacks.

Index Terms:

Intrusion detection, network diagnostics, statistical mechanics

Citation:

John C. McEachen, John M. Zachary, "Real-Time Representation of Network Traffic Behavior for Enhanced Security," icita, vol. 2, pp.214-219, Third International Conference on Information Technology and Applications (ICITA'05) Volume 2, 2005

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.