Connectionist model for distributed adaptive network anomaly detection system

Muhammad Fermi Pasha; Rahmat Budiarto; Mohammad Syukur

doi:10.1109/icmlc.2005.1527622

Connectionist model for distributed adaptive network anomaly detection system

Muhammad Fermi Pasha, Rahmat Budiarto, Mohammad Syukur

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper › Research › peer-review

4 Citations (Scopus)

Abstract

When diagnosing network problems, it is desirable to have a view of the traffic inside the network. This can be achieved by profiling the traffic. A fully profiled traffic can contain significant information of the network's current state, and can be further used to detect anomalous traffic. Many has addressed problems of profiling network traffic, but unfortunately there are no specific profiles could lasts forever for one particular network, since network traffic characteristic always changes over and over based on the sum of nodes, software that being used, type of access, etc. This paper introduces an online adaptive system using Evolving Connectionist Systems based connectionist model to profile network traffic in continuous manner while at the same time try to detect anomalous activity inside the network in real-time and adapt with changes if necessary. Different from an offline approach, which usually profile network traffic using previously captured data for a certain period of time, an online and adaptive approach can use a shorter period of data capturing and evolve its profile if the characteristic of the network traffic has changed.

Original language	English
Title of host publication	2005 International Conference on Machine Learning and Cybernetics, ICMLC 2005
Publisher	IEEE, Institute of Electrical and Electronics Engineers
Pages	3915-3920
Number of pages	6
ISBN (Print)	078039092X, 9780780390928
DOIs	https://doi.org/10.1109/icmlc.2005.1527622
Publication status	Published - 2005
Externally published	Yes
Event	International Conference on Machine Learning and Cybernetics 2005 - Guangzhou, China Duration: 18 Aug 2005 → 21 Aug 2005 Conference number: 4th https://link.springer.com/book/10.1007/11739685 (Proceedings)

Conference

Conference	International Conference on Machine Learning and Cybernetics 2005
Abbreviated title	ICMLC 2005
Country/Territory	China
City	Guangzhou
Period	18/08/05 → 21/08/05
Internet address	https://link.springer.com/book/10.1007/11739685 (Proceedings)

Keywords

Adaptive System
Distributed Anomaly Detection
Evolvable-Neural-Based Fuzzy Inference System
Evolving Connectionist Systems

Access to Document

10.1109/icmlc.2005.1527622

Cite this

@inproceedings{55b0a6fa9e8343359c433dd8d1780a70,

title = "Connectionist model for distributed adaptive network anomaly detection system",

abstract = "When diagnosing network problems, it is desirable to have a view of the traffic inside the network. This can be achieved by profiling the traffic. A fully profiled traffic can contain significant information of the network's current state, and can be further used to detect anomalous traffic. Many has addressed problems of profiling network traffic, but unfortunately there are no specific profiles could lasts forever for one particular network, since network traffic characteristic always changes over and over based on the sum of nodes, software that being used, type of access, etc. This paper introduces an online adaptive system using Evolving Connectionist Systems based connectionist model to profile network traffic in continuous manner while at the same time try to detect anomalous activity inside the network in real-time and adapt with changes if necessary. Different from an offline approach, which usually profile network traffic using previously captured data for a certain period of time, an online and adaptive approach can use a shorter period of data capturing and evolve its profile if the characteristic of the network traffic has changed.",

keywords = "Adaptive System, Distributed Anomaly Detection, Evolvable-Neural-Based Fuzzy Inference System, Evolving Connectionist Systems",

author = "Pasha, {Muhammad Fermi} and Rahmat Budiarto and Mohammad Syukur",

year = "2005",

doi = "10.1109/icmlc.2005.1527622",

language = "English",

isbn = "078039092X",

pages = "3915--3920",

booktitle = "2005 International Conference on Machine Learning and Cybernetics, ICMLC 2005",

publisher = "IEEE, Institute of Electrical and Electronics Engineers",

address = "United States of America",

url = "https://link.springer.com/book/10.1007/11739685",

}

Pasha, MF, Budiarto, R & Syukur, M 2005, Connectionist model for distributed adaptive network anomaly detection system. in 2005 International Conference on Machine Learning and Cybernetics, ICMLC 2005. IEEE, Institute of Electrical and Electronics Engineers, pp. 3915-3920, International Conference on Machine Learning and Cybernetics 2005, Guangzhou, China, 18/08/05. https://doi.org/10.1109/icmlc.2005.1527622

Connectionist model for distributed adaptive network anomaly detection system. / Pasha, Muhammad Fermi; Budiarto, Rahmat; Syukur, Mohammad.
2005 International Conference on Machine Learning and Cybernetics, ICMLC 2005. IEEE, Institute of Electrical and Electronics Engineers, 2005. p. 3915-3920.

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper › Research › peer-review

TY - GEN

T1 - Connectionist model for distributed adaptive network anomaly detection system

AU - Pasha, Muhammad Fermi

AU - Budiarto, Rahmat

AU - Syukur, Mohammad

N1 - Conference code: 4th

PY - 2005

Y1 - 2005

N2 - When diagnosing network problems, it is desirable to have a view of the traffic inside the network. This can be achieved by profiling the traffic. A fully profiled traffic can contain significant information of the network's current state, and can be further used to detect anomalous traffic. Many has addressed problems of profiling network traffic, but unfortunately there are no specific profiles could lasts forever for one particular network, since network traffic characteristic always changes over and over based on the sum of nodes, software that being used, type of access, etc. This paper introduces an online adaptive system using Evolving Connectionist Systems based connectionist model to profile network traffic in continuous manner while at the same time try to detect anomalous activity inside the network in real-time and adapt with changes if necessary. Different from an offline approach, which usually profile network traffic using previously captured data for a certain period of time, an online and adaptive approach can use a shorter period of data capturing and evolve its profile if the characteristic of the network traffic has changed.

AB - When diagnosing network problems, it is desirable to have a view of the traffic inside the network. This can be achieved by profiling the traffic. A fully profiled traffic can contain significant information of the network's current state, and can be further used to detect anomalous traffic. Many has addressed problems of profiling network traffic, but unfortunately there are no specific profiles could lasts forever for one particular network, since network traffic characteristic always changes over and over based on the sum of nodes, software that being used, type of access, etc. This paper introduces an online adaptive system using Evolving Connectionist Systems based connectionist model to profile network traffic in continuous manner while at the same time try to detect anomalous activity inside the network in real-time and adapt with changes if necessary. Different from an offline approach, which usually profile network traffic using previously captured data for a certain period of time, an online and adaptive approach can use a shorter period of data capturing and evolve its profile if the characteristic of the network traffic has changed.

KW - Adaptive System

KW - Distributed Anomaly Detection

KW - Evolvable-Neural-Based Fuzzy Inference System

KW - Evolving Connectionist Systems

UR - http://www.scopus.com/inward/record.url?scp=28444443786&partnerID=8YFLogxK

U2 - 10.1109/icmlc.2005.1527622

DO - 10.1109/icmlc.2005.1527622

M3 - Conference Paper

AN - SCOPUS:28444443786

SN - 078039092X

SN - 9780780390928

SP - 3915

EP - 3920

BT - 2005 International Conference on Machine Learning and Cybernetics, ICMLC 2005

PB - IEEE, Institute of Electrical and Electronics Engineers

T2 - International Conference on Machine Learning and Cybernetics 2005

Y2 - 18 August 2005 through 21 August 2005

ER -

Connectionist model for distributed adaptive network anomaly detection system

Abstract

Conference

Keywords

Access to Document

Other files and links

Cite this