Abstract
Detecting network events has become a prevalent task in various network scenarios, which is essential for network management. Although a number of studies have been conducted to solve this problem, few of them concern about the universality issue. This paper proposes a General Network Behavior Analysis Approach (GNB2A) to address this issue. First, a modeling approach is proposed based on hidden Markov random field. Markovianity is introduced to model the spatio-temporal context of distributed network and stochastic interaction among interconnected and time-continuous events. Second, an expectation maximum algorithm is derived to estimate parameters of the model, and a maximum a posteriori criterion is utilized to detect network events. Finally, GNB2A is applied to three network scenarios. Experiments demonstrate the generality and practicability of GNB2A.
This work is supported by the Natural Science Foundation of Guangdong Province, China (No. 2018A030313303), the Fundamental Research Funds for the Central Universities (No. 17lgjc26) and the Natural Science Foundation of China (No. U1636118).
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Buczak, A.L., Guven, E.: A survey of data mining and machine learning methods for cyber security intrusion detection. IEEE Commun. Surv. Tutor. 18(2), 1153–1176 (2016). https://doi.org/10.1109/COMST.2015.2494502
Demigha, O., Hidouci, W.K., Ahmed, T.: On energy efficiency in collaborative target tracking in wireless sensor network: a review. IEEE Commun. Surv. Tutor. 15(3), 1210–1222 (2013). https://doi.org/10.1109/SURV.2012.042512.00030
Khaleghi, B., Khamis, A., Karray, F.O., Razavi, S.N.: Multisensor data fusion: a review of the state-of-the-art. Inf. Fusion 14(1), 28–44 (2013). https://doi.org/10.1016/j.inffus.2011.08.001, http://www.sciencedirect.com/science/article/pii/S1566253511000558
Othman, M.F., Shazali, K.: Wireless sensor network applications: a study in environment monitoring system. Procedia Eng. 41, 1204–1210 (2012)
Ramaki, A.A., Amini, M., Atani, R.E.: Rteca: real time episode correlation algorithm for multi-step attack scenarios detection. Comput. Secur. 49, 206–219 (2015). https://doi.org/10.1016/j.cose.2014.10.006, http://www.sciencedirect.com/science/article/pii/S0167404814001527
Wu, S., Liu, S., Lin, W., Zhao, X., Chen, S.: Detecting remote access trojans through external control at area network borders. In: 2017 ACM/IEEE Symposium on Architectures for Networking and Communications Systems (ANCS), pp. 131–141 (2017). https://doi.org/10.1109/ANCS.2017.27
Xu, Q., Xiang, E.W., Yang, Q., Du, J., Zhong, J.: SMS spam detection using noncontent features. IEEE Intell. Syst. 27(6), 44–51 (2012). https://doi.org/10.1109/MIS.2012.3
Zhou, C.V., Leckie, C., Karunasekera, S.: A survey of coordinated attacks and collaborative intrusion detection. Comput. Secur. 29(1), 124–140 (2010). https://doi.org/10.1016/j.cose.2009.06.008, http://www.sciencedirect.com/science/article/pii/S016740480900073X
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Ma, H., Xie, Y., Wang, Z. (2019). Detecting Network Events by Analyzing Dynamic Behavior of Distributed Network. In: Liu, X., Cheng, D., Jinfeng, L. (eds) Communications and Networking. ChinaCom 2018. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 262. Springer, Cham. https://doi.org/10.1007/978-3-030-06161-6_63
Download citation
DOI: https://doi.org/10.1007/978-3-030-06161-6_63
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-06160-9
Online ISBN: 978-3-030-06161-6
eBook Packages: Computer ScienceComputer Science (R0)