The Experts below are selected from a list of 342270 Experts worldwide ranked by ideXlab platform
He Wei-song - One of the best experts on this subject based on the ideXlab platform.
-
Network Traffic Anomaly Detection Based on Data Mining in Time-series Graph
Computer Science, 2009Co-Authors: He Wei-songAbstract:Comprehensive collection and accurate description of Traffic information are core problems in Network Traffic anomaly detection.Aiming at the lack of Traffic anomaly detection in analyzing multi-time series,we proposed a Network Traffic anomaly detection method based on graph mining.Our method accurately and completely described the relationship among multi-time series which are used in Traffic anomaly detection by time-series graph. By mean of the support count of the patterns,our method mined all the frequent patterns,which is conducive to detecting many kinds of abnormal Traffic effectively, through mining the relationship among all pattern sets,our method introduced weight coefficients of the pattern sets,which is able to solve relationship quantification issues of multi-time series in Traffic anomaly detection.The simulation results show that the proposed method can effectively detect the Network Traffic anomaly and achieves a higher accuracy than the based CWT (Continuous Wavelet Transform) method in term of DDos attacks detection.
Walter Willinger - One of the best experts on this subject based on the ideXlab platform.
-
self similar Network Traffic and performance evaluation
2000Co-Authors: Kihong Park, Walter WillingerAbstract:Self-Similar Network Traffic: An Overview (K. Park & W. Willinger). Wavelets for the Analysis, Estimation, and Synthesis of Scaling Data (P. Abry, et al.). Simulations with Heavy-Tailed Workloads (M. Crovella & L. Lipsky). Queueing Behavior Under Fractional Brownian Traffic (I. Norros). Heavy Load Queueing Analysis with LRD On/Off Sources (F. Brichet, et al.). The Single Server Queue: Heavy Tails and Heavy Traffic (O. Boxma & J. Cohen). Fluid Queues, On/Off Processes, and TeleTraffic Modeling with Highly Variable and Correlated Inputs (S. Resnick & G. Samorodnitsky). Bounds on the Buffer Occupancy Probability with Self-Similar Input Traffic (N. Likhanov). Buffer Asymptotics for M/G/ Input Processes (A. Makowski & M. Parulekar). Asymptotic Analysis of Queues with Subexponential Arrival Processes (P. Jelenkovi). Traffic and Queueing from an Unbounded Set of Independent Memoryless On/Off Sources (P. Jacquet). Long-Range Dependence and Queueing Effects for VBR Video (D. Heyman & T. Lakshman). Analysis of Transient Loss Performance Impact of Long-Range Dependence in Network Traffic (G.-L. Li & V. Li). The Protocol Stack and Its Modulating Effect on Self-Similar Traffic (K. Park, et al.). Characteristics of TCP Connection Arrivals (A. Feldmann). Engineering for Quality of Service (J. Roberts). Network Design and Control Using On/Off and Multilevel Source Traffic Models with Heavy-Tailed Distributions (N. Duffield & W. Whitt). Congestion Control for Self-Similar Network Traffic (T. Tuan & K. Park). Quality of Service Provisioning for Long-Range-Dependent Real-Time Traffic (A. Adas & A. Mukherjhee). Toward an Improved Understanding of Network Traffic Dynamics (R. Riedi & W. Willinger). Future Directions and Open Problems in Performance Evaluation and Control of Self-Similar Network Traffic (K. Park). Index.
-
scaling analysis of conservative cascades with applications to Network Traffic
IEEE Transactions on Information Theory, 1999Co-Authors: Anna C Gilbert, Walter Willinger, Anja FeldmannAbstract:Previous studies have demonstrated that measured wide-area Network Traffic such as Internet Traffic exhibits locally complex irregularities, consistent with multifractal behavior. It has also been shown that the observed multifractal structure becomes most apparent when analyzing measured Network Traffic at a particular layer in the well-defined protocol hierarchy that characterizes modern data Networks, namely the transport or transmission control protocol (TCP) layer. To investigate this new scaling phenomenon associated with the dynamics of measured Network Traffic over small time scales, we consider a class of multiplicative processes, the so-called conservative cascades, that serves as a cascade paradigm for and is motivated by the Networking application. We present a wavelet-based time/scale analysis of these cascades to determine rigorously their global and local-scaling behavior. In particular, we prove that for the class of multifractals generated by these conservative cascades the multifractal formalism applies and is valid, and we illustrate some of the wavelet-based techniques for inferring multifractal scaling behavior by applying them to a set of wide-area Traffic traces.
-
is Network Traffic self similar or multifractal
Fractals, 1997Co-Authors: Murad S Taqqu, Vadim Teverovsky, Walter WillingerAbstract:This paper addresses the question of whether self-similar processes are sufficient to model packet Network Traffic, or whether a broader class of multifractal processes is needed. By using the absolute moments of aggregate Traffic measurements, we conclude that measured local-area Network (LAN) and wide-area Network (WAN) Traffic traces, with the sample means subtracted, are well modeled by random processes that are either exactly or asymptotically self-similar.
Wei Xiong - One of the best experts on this subject based on the ideXlab platform.
-
anomaly secure detection methods by analyzing dynamic characteristics of the Network Traffic in cloud communications
Information Sciences, 2014Co-Authors: Wei Xiong, Hanping Hu, Naixue Xiong, Laurence T Yang, Wenchih Peng, Xiaofei Wang, Yanzhen QuAbstract:Cloud computing represents a new paradigm where computing resources are offered as services in the world via communication Internet. As many new types of attacks are arising at a high frequency, the cloud computing services are exposed to an increasing amount of security threats. To reduce security risks, two approaches of the Network Traffic anomaly detection in cloud communications have been presented, which analyze dynamic characteristics of the Network Traffic based on the synergetic neural Networks and the catastrophe theory. In the former approach, a synergetic dynamic equation with a group of the order parameters is used to describe the complex behaviors of the Network Traffic system in cloud communications. When this equation is evolved, only the order parameter determined by the primary factors can converge to 1. Then, the anomaly can be detected. In the latter approach, a catastrophe potential function is introduced to describe the catastrophe dynamic process of the Network Traffic in cloud communications. When anomalies occur, the state of the Network Traffic will deviate from the normal one. To assess the deviation, an index named as catastrophe distance is defined. The Network Traffic anomaly can be detected by the value of this index. We evaluate the performance of these two approaches using the standard Defense Advanced Research Projects Agency data sets. Experimental results show that our approaches can effectively detect the Network Traffic anomaly and achieve the high detection probability and the low false alarms rate.
Ali Dehghantanha - One of the best experts on this subject based on the ideXlab platform.
-
leveraging machine learning techniques for windows ransomware Network Traffic detection
arXiv: Cryptography and Security, 2018Co-Authors: Omar M Alhawi, James Baldwin, Ali DehghantanhaAbstract:Ransomware has become a significant global threat with the ransomware-as-a-service model enabling easy availability and deployment, and the potential for high revenues creating a viable criminal business model. Individuals, private companies or public service providers e.g. healthcare or utilities companies can all become victims of ransomware attacks and consequently suffer severe disruption and financial loss. Although machine learning algorithms are already being used to detect ransomware, variants are being developed to specifically evade detection when using dynamic machine learning techniques. In this paper we introduce NetConverse, a machine learning evaluation study for consistent detection of Windows ransomware Network Traffic. Using a dataset created from conversation-based Network Traffic features we achieved a True Positive Rate (TPR) of 97.1% using the Decision Tree (J48) classifier.
-
Network Traffic forensics on firefox mobile os facebook twitter and telegram as case studies
arXiv: Cryptography and Security, 2017Co-Authors: Mohd Najwadi Yusoff, Ali Dehghantanha, Ramlan MahmodAbstract:Development of mobile web-centric OS such as Firefox OS has created new challenges, and opportunities for digital investigators. Network Traffic forensic plays an important role in cybercrime investigation to detect subject(s) and object(s) of the crime. In this chapter, we detect and analyze residual Network Traffic artefacts of Firefox OS in relation to two popular social Networking applications (Facebook and Twitter) and one instant messaging application (Telegram). We utilized a Firefox OS simulator to generate relevant Traffic while all communication data were captured using Network monitoring tools. Captured Network packets were examined and remnants with forensic value were reported. This paper as the first focused study on mobile Firefox OS Network Traffic analysis should pave the way for the future research in this direction.
-
Network Traffic forensics on firefox mobile os facebook twitter and telegram as case studies
Contemporary Digital Forensic Investigations of Cloud and Mobile Applications, 2017Co-Authors: Mohd Najwadi Yusoff, Ali Dehghantanha, Ramlan MahmodAbstract:The development of a mobile web-centric OS such as Firefox OS (FxOS) has created new challenges and opportunities for digital investigators. Network Traffic forensics plays an important role in cybercrime investigation to detect subject(s) and object(s) of the crime. In this chapter we detect and analyze residual Network Traffic artifacts of FxOS in relation to two popular social Networking applications (Facebook and Twitter) and one instant messaging application (Telegram). We utilized a FxOS simulator to generate relevant Traffic while all communication data were captured using Network monitoring tools. Captured Network packets were examined and remnants with forensic value were reported. This paper, as the first focused study on mobile FxOS Network Traffic analysis, should pave the way for the future research in this direction.
Ramlan Mahmod - One of the best experts on this subject based on the ideXlab platform.
-
Network Traffic forensics on firefox mobile os facebook twitter and telegram as case studies
arXiv: Cryptography and Security, 2017Co-Authors: Mohd Najwadi Yusoff, Ali Dehghantanha, Ramlan MahmodAbstract:Development of mobile web-centric OS such as Firefox OS has created new challenges, and opportunities for digital investigators. Network Traffic forensic plays an important role in cybercrime investigation to detect subject(s) and object(s) of the crime. In this chapter, we detect and analyze residual Network Traffic artefacts of Firefox OS in relation to two popular social Networking applications (Facebook and Twitter) and one instant messaging application (Telegram). We utilized a Firefox OS simulator to generate relevant Traffic while all communication data were captured using Network monitoring tools. Captured Network packets were examined and remnants with forensic value were reported. This paper as the first focused study on mobile Firefox OS Network Traffic analysis should pave the way for the future research in this direction.
-
Network Traffic forensics on firefox mobile os facebook twitter and telegram as case studies
Contemporary Digital Forensic Investigations of Cloud and Mobile Applications, 2017Co-Authors: Mohd Najwadi Yusoff, Ali Dehghantanha, Ramlan MahmodAbstract:The development of a mobile web-centric OS such as Firefox OS (FxOS) has created new challenges and opportunities for digital investigators. Network Traffic forensics plays an important role in cybercrime investigation to detect subject(s) and object(s) of the crime. In this chapter we detect and analyze residual Network Traffic artifacts of FxOS in relation to two popular social Networking applications (Facebook and Twitter) and one instant messaging application (Telegram). We utilized a FxOS simulator to generate relevant Traffic while all communication data were captured using Network monitoring tools. Captured Network packets were examined and remnants with forensic value were reported. This paper, as the first focused study on mobile FxOS Network Traffic analysis, should pave the way for the future research in this direction.
