シェアする
インターネット工学研究室のSirikarn Pukkawannaさん(博士後期課程3年)、国際会議The International Symposium on Networks, Computers and Communications
(ISNCC 2015)において、Best paper
awardを受賞しました。
インターネット工学研究室のSirikarn Pukkawannaさん(博士後期課程3年)、国際会議The International Symposium on Networks, Computers and Communications
(ISNCC 2015)において、Best paper
awardを受賞しました。
Sirikarn Pukkawanna, Internet Engineering lab., won the best paper award in the International Symposium on Networks, Computers and Communications (ISNCC 2015). (May 15, 2015)
ISNCC2015 was held in Hammamet, Tunisia from 13-15 May 2015. Being co-Sponsored by IEEE, OSNCC covers theoretical and practical aspects related to Information Systems, Communication Networks and Computing Technologies. |
- 受賞者 Awardee
Sirikarn Pukkawanna
- 研究テーマ Research theme
"Network-based Mimicry Anomaly Detection using Divergence Measures"
To evade detection by network-based anomaly detectors, sophisticated attackers are trying to make their malicious traffic resemble legitimate traffic by running attacks through ports used on a daily basis (e.g., port 80 for HTTP). This mimicry traffic is potentially neglected by detectors.
In this paper, we propose a Kullback-Leibler (KL) divergence-based method for detecting anomalous traffic mimicking legitimate traffic.
Our method firstly observes the port pair distribution of traffic flows, which is a novel statistical traffic feature proposed in this work. Secondly, our method computes the KL divergence between the port pair distributions of the current and previous time intervals. Our method starts to find anomalous flows when the KL divergence deviates from a specified threshold. We tested the performance of our method with traffic which was mixed by four synthetic mimicry anomalies and real-world backbone traffic.
The results indicated that our method could precisely detect all synthetic anomalies. Furthermore, our method additionally revealed six real-world anomalies that were hidden in the testing backbone traffic. - 著者 Authors
Sirikarn Pukkawanna, Youki Kadobayashi and Suguru Yamaguchi - 受賞者のコメント Awardee's voice
I have been working on network anomaly detection for many years and this award is my first best paper award that I have received for my paper contributing to this domain. I can say that one of reasons that brings this success is NAIST and my laboratory. Thank you very much for all supports. -
>> インターネット工学研究室 Internet Engineering lab.