{"title":"使用自适应无损压缩来表征网络流量","authors":"K. Benson, L. Marvel","doi":"10.1109/CISS.2009.5054730","DOIUrl":null,"url":null,"abstract":"Detecting anomalies in network traffic is a challenging task, not only because of the inherent difficulty of identifying anomalies such as intrusions [1] but also because of the sheer volume of data. In this paper, we attempt to extend existing work in the field of steganalysis to the problem of detecting anomalies in network traffic. By losslessly compressing network traffic using an adaptive compression algorithm, we postulate that it is possible to characterize normal network traffic. Once typical traffic has been defined, it is possible to identify anomalous traffic as the traffic that does not compress well.","PeriodicalId":433796,"journal":{"name":"2009 43rd Annual Conference on Information Sciences and Systems","volume":"48 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2009-03-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Using adaptive lossless compression to characterize network traffic\",\"authors\":\"K. Benson, L. Marvel\",\"doi\":\"10.1109/CISS.2009.5054730\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Detecting anomalies in network traffic is a challenging task, not only because of the inherent difficulty of identifying anomalies such as intrusions [1] but also because of the sheer volume of data. In this paper, we attempt to extend existing work in the field of steganalysis to the problem of detecting anomalies in network traffic. By losslessly compressing network traffic using an adaptive compression algorithm, we postulate that it is possible to characterize normal network traffic. Once typical traffic has been defined, it is possible to identify anomalous traffic as the traffic that does not compress well.\",\"PeriodicalId\":433796,\"journal\":{\"name\":\"2009 43rd Annual Conference on Information Sciences and Systems\",\"volume\":\"48 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2009-03-18\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2009 43rd Annual Conference on Information Sciences and Systems\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CISS.2009.5054730\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2009 43rd Annual Conference on Information Sciences and Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CISS.2009.5054730","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Using adaptive lossless compression to characterize network traffic
Detecting anomalies in network traffic is a challenging task, not only because of the inherent difficulty of identifying anomalies such as intrusions [1] but also because of the sheer volume of data. In this paper, we attempt to extend existing work in the field of steganalysis to the problem of detecting anomalies in network traffic. By losslessly compressing network traffic using an adaptive compression algorithm, we postulate that it is possible to characterize normal network traffic. Once typical traffic has been defined, it is possible to identify anomalous traffic as the traffic that does not compress well.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
