Multidimensional Network Monitoring for Intrusion Detection
Vladimir Gudkov, Joseph E. Johnson

TL;DR
This paper proposes a real-time, multidimensional network monitoring approach using complex systems theory and physics-inspired methods to detect both known and unknown intrusions in network traffic.
Contribution
It introduces a novel multidimensional analysis framework combining complex systems theory and physics to improve intrusion detection capabilities.
Findings
Effective detection of known intrusions demonstrated
Supports detection of unknown intrusions
Provides a foundation for automatic intrusion detection systems
Abstract
An approach for real-time network monitoring in terms of numerical time-dependent functions of protocol parameters is suggested. Applying complex systems theory for information flow analysis of networks, the information traffic is described as a trajectory in multi-dimensional parameter-time space with about 10-12 dimensions. The network traffic description is synthesized by applying methods of theoretical physics and complex systems theory, to provide a robust approach for network monitoring that detects known intrusions, and supports developing real systems for detection of unknown intrusions. The methods of data analysis and pattern recognition presented are the basis of a technology study for an automatic intrusion detection system that detects the attack in the reconnaissance stage.
Taxonomy
Topics: Network Security and Intrusion Detection
