The MIIS Eprints Archive

Analyzing Network Traffic for Malicious Hacker Activity

Pyke, Randall (2004) Analyzing Network Traffic for Malicious Hacker Activity. [Study Group Report]



Since the Internet came into being in the 1970s, it has grown by more than 100% every year. Solutions for detecting network intrusion, on the other hand, have been far outpaced. The economic impact of malicious attacks, in lost revenue to a single e-commerce company, can vary from 66 thousand up to 53 million US dollars. At the same time, there is no effective, widely available mathematical model for distinguishing anomalous network behaviours such as port scanning, system exploring, and virus and worm propagation from normal traffic.

PDS, proposed by Random Knowledge Inc., detects and localizes traffic patterns consistent with attacks hidden within large amounts of legitimate traffic. Taking the network's packet traffic stream as its input, PDS relies on high-fidelity models of normal traffic, against which it can critically judge the legitimacy of any substream of packet traffic. Because of this reliance on an accurate baseline model for normal network traffic, in this workshop we concentrate on modelling normal network traffic with a Poisson process.

Item Type: Study Group Report
Problem Sectors: Information and communication technology
Study Groups: Canadian Industrial Problem Solving Workshops > IPSW 8 (Vancouver, Canada, May 17-21, 2004)
Company Name: Random Knowledge
ID Code: 181
Deposited By: Michele Taroni
Deposited On: 13 Oct 2008
Last Modified: 29 May 2015 19:48
