Skip to main content
SpringerLink
Log in

Modeling Traffic Flow Using Conversation Exchange Dynamics for Identifying Network Attacks

  • Conference paper
Universal Multiservice Networks (ECUMN 2004)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 3262))

Included in the following conference series:

  • 301 Accesses

Abstract

We present a novel approach to identifying anomalous network events Specifically, a method for characterizing and displaying the flow of conversations across a distributed system with a high number of interacting entities is discussed and analyzed. Results from from attacks contained in the DARPA Lincoln Lab IDS test data and from operational network traffic are presented. These results suggest that our approach presents a unique perspective on anomalies in computer network traffic.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Axelsson, S.: Intrusion detection systems: A survey and taxonomy. Chalmers University Technical Report 99-15 (March 2000)

    Google Scholar 

  2. Burgess, M.: Thermal, nonequilibrium phase space for networked computers. The American Physical Society G2(2), 1738–1742 (2000)

    Google Scholar 

  3. Evans, S.C., Barnett, B.: Network security through conservation of complexity. In: Proceedings of IEEE Military Comms. Conf (MILCOM 2002), Los Angeles , pp. 1133–1138 (October 2002)

    Google Scholar 

  4. Donald, S.D., McMillen, R.V., Ford, D.A., McEachen, J.C.: Therminator 2: A realtime system for patternless intrusion detection. In: Proc. of the IEEE Military Comms. Conf (MILCOM 2002), Los Angeles, pp. 1498–1502 (October 2002)

    Google Scholar 

  5. Crovella, M., Bestavros, A.: Self-Similarity in world-wide web traffic: Evidence and possible causes. In: Proc. ACM Sigmetrics Conf. on Meas. And Mod. Of Comp. Sys. (May 1996)

    Google Scholar 

  6. Arlitt, M., Jin, T.: A workload characterization study of the 1998 world cup web site. IEEE Network (May/June 2000)

    Google Scholar 

  7. Massachusetts Institute Of Technology, Lincoln Laboratory, DARPA Intrusion Detection Evaluation ,September 14 (2003), http://www.ll.mit.edu/IST/ideval/index.html

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science and Engineering, University of South Carolina, Columbia, SC, USA

    Sudhamsu Mylavarapu

  2. Department of Electrical and Computer Engineering, Naval Postgraduate School, Monterey, CA, USA

    John C. McEachen, Stefan L. Walch & John S. Marinovich

  3. Innovative Emergency Management, Inc, Baton Rouge, LA, USA

    John M. Zachary

Authors
  1. Sudhamsu Mylavarapu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. John C. McEachen
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. John M. Zachary
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Stefan L. Walch
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. John S. Marinovich
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Computer Science, University of Beira Interior, Rua Marques d’Avila e Bolama, 6201-001, Covilha, Portugal

    Mário Marques Freire

  2. France Telecom, Research and Development, CORE/SPP, 37-40 rue du Général Leclerc, 92794, Issy-les-Moulineaux Cedex 9, France

    Prosper Chemouil

  3. IUT, University of Haute Alsace, 34, rue du Grillenbreit, 68008, Colmar, France

    Pascal Lorenz

  4. Département Informatique, ENST-Bretagne, CS 83818, 29238, Brest Cedex 3, France

    Annie Gravey

Rights and permissions

Reprints and permissions

Copyright information

© 2004 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Mylavarapu, S., McEachen, J.C., Zachary, J.M., Walch, S.L., Marinovich, J.S. (2004). Modeling Traffic Flow Using Conversation Exchange Dynamics for Identifying Network Attacks. In: Freire, M.M., Chemouil, P., Lorenz, P., Gravey, A. (eds) Universal Multiservice Networks. ECUMN 2004. Lecture Notes in Computer Science, vol 3262. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30197-4_32

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-30197-4_32

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-23551-4

  • Online ISBN: 978-3-540-30197-4

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation