VoIP Anomaly Detection - selected methods of statistical analysis

Paweł Dymora, Miroslaw Mazurek, Sławomir Jaskółka

Abstract


Self-similarity analysis and anomaly detection in networks are interesting fields of research and scientific work of scientists around the world. Simulation studies have demonstrated that the Hurst parameter estimation can be used to detect traffic anomaly. The actual network traffic is self-similar or long-range dependent. The dramatic expansion of applications on modern networks gives rise to a fundamental challenge to network security. The Hurst values are compared with confidence intervals of normal values to detect anomaly in VoIP.


Keywords


Hurst factor, anomaly detection, self-similarity, long-range dependence

Full Text:

PDF

References


M. Mazurek, P. Dymora, “Network Anomaly Detection Based on the Statistical Self-similarity Factor”, Analysis and Simulation of Electrical and Computer Systems Lecture Notes in Electrical Engineering Volume 324, Springer, pp 271-287, 2015.

M. Mazurek, P. Dymora, “Network anomaly detection based on the statistical self-similarity factor for HTTP protocol”, Przegląd elektrotechniczny, ISSN 0033-2097, R. 90 NR 1/2014, s.127 - 130, 2014.

M. Fernandez-Martinez, M.A. Sanchez-Granero, J.E. Trinidad Segovia, “Measuring the self-similarity exponent in Levy stable processes of financial time series”, Physica A 392, Elsevier, pp 5330-5345, 2013.

J. Cai, W. X. Liu, “A new Method of detecting network traffic anomalies”, Proceedings of the 2nd International Conference on Computer Science and Electronics Engineering, 2013, pp. 2800 – 2803.

P. Dymora, M. Mazurek, D. Strzałka, “Computer network traffic analysis with the use of statistical self-similarity factor”, t.XIII, s.69-81, 2013, Annales Universitatis Mariae Curie-Skłodowska Sectio AI Informatica, z. 2.

H. D. Jeong, J. S. Lee, D. McNickle, K. Pawlikowski, “Self-similar properties of malicious teletraffic”, Int. J. Comput. Syst. Sci. Eng., 28 (1), pp. 1–7, 2012.

H. Sengar, H. Wang, D. Wijesekera, and S. Jajodia, “Detecting VoIP Floods Using the Hellinger Distance”, IEEE Transactions on Parallel and Distributed Systems, Vol. 19, No. 6, pp. 794–805, 2008.

F. Mata, J. Aracil, and J. L. García-Dorado, “Automated detection of load changes in large-scale networks,” in Proceedings of TMA, 2009, pp. 34–41.




DOI: http://dx.doi.org/10.17951/ai.2016.16.2.14
Data publikacji: 2017-12-22 09:38:05
Data złożenia artykułu: 2017-12-18 14:07:25

Refbacks

  • There are currently no refbacks.


Copyright (c) 2017 Paweł Dymora, Miroslaw Mazurek, Sławomir Jaskółka

Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 International License.