Senatus - Implementation and Performance Evaluation

Senatus - Implementation and Performance Evaluation

Traffic anomaly detection in backbone networks has received increased at-tention from the research community over the last years. A variety of tech-niques and implementations has been proposed in this area, some which hasbecome commercial products. However, studies have revealed that theseproducts a...

Full description

Bibliographic Details
Main Authors: Askeland, Christian Emil, Salvesen, Anders Emil, Østvold, Arne Fjæren
Format: Others
Language:English
Published: Norges teknisk-naturvitenskapelige universitet, Institutt for telematikk 2012
Subjects:
ntnudaim:7145
MTKOM kommunikasjonsteknologi
Informasjonssikkerhet
Online Access:http://urn.kb.se/resolve?urn=urn:nbn:no:ntnu:diva-19076
id ndltd-UPSALLA1-oai-DiVA.org-ntnu-19076
record_format oai_dc
spelling ndltd-UPSALLA1-oai-DiVA.org-ntnu-190762013-01-08T13:45:13ZSenatus - Implementation and Performance EvaluationengAskeland, Christian EmilSalvesen, Anders EmilØstvold, Arne FjærenNorges teknisk-naturvitenskapelige universitet, Institutt for telematikkNorges teknisk-naturvitenskapelige universitet, Institutt for telematikkNorges teknisk-naturvitenskapelige universitet, Institutt for telematikkInstitutt for telematikk2012ntnudaim:7145MTKOM kommunikasjonsteknologiInformasjonssikkerhetTraffic anomaly detection in backbone networks has received increased at-tention from the research community over the last years. A variety of tech-niques and implementations has been proposed in this area, some which hasbecome commercial products. However, studies have revealed that theseproducts are hardly used, mainly because of high false-positive rates andthe fact that manual inspection of alarms is a time consuming task for thenetwork administrator.Senatus is a recently proposed technique for combined anomaly detectionand root-cause analysis, originally proposed by Atef Abdelkefi. In this the-sis, we provide a complete high-performance implementation of Senatus,including a web Dashboard with overview of anomalies and the possibil-ity for manual fine-tuning of parameters. Furthermore, we have verifiedSenatus performance by comparing Senatus with a implementation of awell-known histogram-based anomaly detection technique.Our results show that Senatus performs very well for detection scans, andthat it matches the histogram-based anomaly detector for Denial of Service-attacks. Student thesisinfo:eu-repo/semantics/bachelorThesistexthttp://urn.kb.se/resolve?urn=urn:nbn:no:ntnu:diva-19076Local ntnudaim:7145application/pdfinfo:eu-repo/semantics/openAccess
collection NDLTD
language English
format Others
sources NDLTD
topic ntnudaim:7145
MTKOM kommunikasjonsteknologi
Informasjonssikkerhet
spellingShingle ntnudaim:7145
MTKOM kommunikasjonsteknologi
Informasjonssikkerhet
Askeland, Christian Emil
Salvesen, Anders Emil
Østvold, Arne Fjæren
Senatus - Implementation and Performance Evaluation
description Traffic anomaly detection in backbone networks has received increased at-tention from the research community over the last years. A variety of tech-niques and implementations has been proposed in this area, some which hasbecome commercial products. However, studies have revealed that theseproducts are hardly used, mainly because of high false-positive rates andthe fact that manual inspection of alarms is a time consuming task for thenetwork administrator.Senatus is a recently proposed technique for combined anomaly detectionand root-cause analysis, originally proposed by Atef Abdelkefi. In this the-sis, we provide a complete high-performance implementation of Senatus,including a web Dashboard with overview of anomalies and the possibil-ity for manual fine-tuning of parameters. Furthermore, we have verifiedSenatus performance by comparing Senatus with a implementation of awell-known histogram-based anomaly detection technique.Our results show that Senatus performs very well for detection scans, andthat it matches the histogram-based anomaly detector for Denial of Service-attacks.
author Askeland, Christian Emil
Salvesen, Anders Emil
Østvold, Arne Fjæren
author_facet Askeland, Christian Emil
Salvesen, Anders Emil
Østvold, Arne Fjæren
author_sort Askeland, Christian Emil
title Senatus - Implementation and Performance Evaluation
title_short Senatus - Implementation and Performance Evaluation
title_full Senatus - Implementation and Performance Evaluation
title_fullStr Senatus - Implementation and Performance Evaluation
title_full_unstemmed Senatus - Implementation and Performance Evaluation
title_sort senatus - implementation and performance evaluation
publisher Norges teknisk-naturvitenskapelige universitet, Institutt for telematikk
publishDate 2012
url http://urn.kb.se/resolve?urn=urn:nbn:no:ntnu:diva-19076
work_keys_str_mv AT askelandchristianemil senatusimplementationandperformanceevaluation
AT salvesenandersemil senatusimplementationandperformanceevaluation
AT østvoldarnefjæren senatusimplementationandperformanceevaluation
_version_ 1716528304044900352

Similar Items