Publication Details
Advanced Security Network Metrics
Barabas Maroš, Ing., Ph.D.
Chmelař Petr, Ing.
Drozd Michal, Ing.
Hanáček Petr, doc. Dr. Ing. (DITS)
behavioral signature, IDS, network metrics, network malware
The main objective of this work was to present the results achieved by the AIPS system in the process of network attacks detection, which were compared with the state-of-the-art work of A. Moore. The publication also mentions a formal description of the metrics extraction process with respect to the communication context.
In this paper we propose a method for the extraction of data from network flow and a contextual separation of partial connections using a set of network metrics that create a signature defining the connection behavior. We begin with the definition of the input dataset of captured communication and the process of extraction metrics from separated connections. Then we define the set of metrics included in the final behavioral signature. The second part of the chapter describes experiments performed with a state-of-the-art set of network metrics with comparison to our proposed experimental set. The chapter concludes with the results of our experiments.
@inbook{BUT103534,
author="Ivan {Homoliak} and Maroš {Barabas} and Petr {Chmelař} and Michal {Drozd} and Petr {Hanáček}",
title="Advanced Security Network Metrics",
booktitle="Emerging Trends in ICT Security",
year="2013",
publisher="Elsevier Science",
address="Waltham",
pages="187--202",
doi="10.1016/B978-0-12-411474-6.00012-8",
isbn="978-0-12-411474-6",
url="http://www.sciencedirect.com/science/article/pii/B9780124114746000128"
}