an approach for detecting anomalies by assessing the inter arrival time of UDP packets and flows using benford's law
عنوان مقاله: an approach for detecting anomalies by assessing the inter arrival time of UDP packets and flows using benford's law
شناسه ملی مقاله: KBEI02_087
منتشر شده در دومین کنفرانس بین المللی مهندسی دانش بنیان و نوآوری در سال 1394
شناسه ملی مقاله: KBEI02_087
منتشر شده در دومین کنفرانس بین المللی مهندسی دانش بنیان و نوآوری در سال 1394
مشخصات نویسندگان مقاله:
ali Naghash Asadi - Iran University of Science and Technology Tehran, Iran
خلاصه مقاله:
ali Naghash Asadi - Iran University of Science and Technology Tehran, Iran
In this paper, from the perspective of Benford's Law the inter-arrival time of UDP in packet and flow levels, is investigated. Benford's Law is an empirical law that describes thedistribution of first digits in series of numbers in the natural phenomena. We claim that Benford's law describes the interarrivaltime of UDP packets and flows in normal traffic. As a result, any significant anomalies in UDP packets and flows including deliberate intrusions, unwanted errors or in general,network failures, can be identified by checking the first digit distribution inter-arrival time of UDP packets and flows. In thispaper, the relationship between Weibull distribution and Benford's Law is checked and then compliance of the interarrival time of UDP packets and flows from Weibull distributionis presented. Finally, a method for using Benford's Law, for detecting anomalies in inter-arrival time of UDP packets andflows is provided. In addition, UDP Flood attack with high detection rate of proposed method is detected.
کلمات کلیدی: Network Security; Anomaly Detection; Benford's Law; Weibull Distribution; UDP Packet
صفحه اختصاصی مقاله و دریافت فایل کامل: https://civilica.com/doc/553137/