T. Zinner, D. Staehle, P. Tran-Gia, A. Mader, K. Tutschku
{"title":"多探针统计异常检测系统中信息接收器的性能评价","authors":"T. Zinner, D. Staehle, P. Tran-Gia, A. Mader, K. Tutschku","doi":"10.1109/ATNAC.2008.4783291","DOIUrl":null,"url":null,"abstract":"Statistical anomaly detection (SAD) becomes an increasingly important tool for the early recognition of potential threats for security-relevant information systems. SAD systems heavily rely on the probing of potentially very large networks. Our contribution is an analysis of the resource requirements on the information sink which constitutes the bottleneck of Client/Server-based SAD systems. In order to dimension the system appropriately, we investigate the trade-off between accumulated and distributed arrival patterns, and the impact of the processing phase of the information sink.","PeriodicalId":143803,"journal":{"name":"2008 Australasian Telecommunication Networks and Applications Conference","volume":"30 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2008-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Performance Evaluation of the Information Sink in a Multi-Probe Statistical Anomaly Detection System\",\"authors\":\"T. Zinner, D. Staehle, P. Tran-Gia, A. Mader, K. Tutschku\",\"doi\":\"10.1109/ATNAC.2008.4783291\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Statistical anomaly detection (SAD) becomes an increasingly important tool for the early recognition of potential threats for security-relevant information systems. SAD systems heavily rely on the probing of potentially very large networks. Our contribution is an analysis of the resource requirements on the information sink which constitutes the bottleneck of Client/Server-based SAD systems. In order to dimension the system appropriately, we investigate the trade-off between accumulated and distributed arrival patterns, and the impact of the processing phase of the information sink.\",\"PeriodicalId\":143803,\"journal\":{\"name\":\"2008 Australasian Telecommunication Networks and Applications Conference\",\"volume\":\"30 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2008-12-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2008 Australasian Telecommunication Networks and Applications Conference\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ATNAC.2008.4783291\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2008 Australasian Telecommunication Networks and Applications Conference","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ATNAC.2008.4783291","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Performance Evaluation of the Information Sink in a Multi-Probe Statistical Anomaly Detection System
Statistical anomaly detection (SAD) becomes an increasingly important tool for the early recognition of potential threats for security-relevant information systems. SAD systems heavily rely on the probing of potentially very large networks. Our contribution is an analysis of the resource requirements on the information sink which constitutes the bottleneck of Client/Server-based SAD systems. In order to dimension the system appropriately, we investigate the trade-off between accumulated and distributed arrival patterns, and the impact of the processing phase of the information sink.