Substantiating Security Threats Using Different Views of Wireless Network Traces
Author(s)
Muthukkumarasamy, Vallipuram
Mathews, Sunil
Editor(s)
Clark, A.
McPherson, M.
Mohay, G.
Location
Gold Coast, Australia
Abstract
Huge amounts of network traces can be collected from today's busy computer networks for various analyses. These traces could be used to detect intruders and other unusual events. Real-time detection of outliers from large data sets can lead to effective intrusion detection and prevention. Presently, due to a lack of fast on-the-fly updating and processing capabilities, intrusion detection systems (IDSs) do not detect intruders instantly. Furthermore, most IDSs cannot adapt their detection mechanism in real time to accommodate legitimate dynamic changes. Achieving dynamic adaptation in real time has been a long-standing desire for effective intrusion detection and prevention. Organizations that rely heavily on network activities are in need of an IDS that could detect intruders in advance and stop them before they could cause chaos. In this context, we propose a novel mechanism to detect intruders in real time. Our system monitors for timing and behavioral anomalies and uses outlier-based data association techniques to substantiate the anomaly. In this paper, we introduce the concept of views and their use in substantiating security threats. We have tested our concept on data captured from our experimental wireless network environment, and we present the results obtained from our analysis.
Conference Title
Proceedings of AusCERT Asia Pacific Information Technology Security Conference (AusCERT2007)
Subject
History and Archaeology