Network intrusion and fault detection: A statistical anomaly approach

Authors

Constantine Manikopoulos, Newark College of Engineering
Symeon Papavassiliou, Newark College of Engineering

Document Type

Article

Publication Date

10-1-2002

Abstract

With the advent and explosive growth of the global Internet and electronic commerce environments, adaptive/automatic network/service intrusion and anomaly detection in wide area data networks and e-commerce infrastructures is fast gaining critical research and practical importance. In this article we present and demonstrate the use of a general-purpose hierarchical multitier multiwindow statistical anomaly detection technology and system that operates automatically, adaptively, and proactively, and can be applied to various networking technologies, including both wired and wireless ad hoc networks. Our method uses statistical models and multivariate classifiers to detect anomalous network conditions. Some numerical results are also presented that demonstrate that our proposed methodology can reliably detect attacks with traffic anomaly intensity as low as 3-5 percent of the typical background traffic intensity, thus promising to generate an effective early warning.

Identifier

0036804085 (Scopus)

Publication Title

IEEE Communications Magazine

External Full Text Location

https://doi.org/10.1109/MCOM.2002.1039860

ISSN

01636804

First Page

76

Last Page

82

Issue

10

Volume

40

Fund Ref

Small Business Innovation Research

Recommended Citation

Manikopoulos, Constantine and Papavassiliou, Symeon, "Network intrusion and fault detection: A statistical anomaly approach" (2002). Faculty Publications. 14601.
https://digitalcommons.njit.edu/fac_pubs/14601