Multilayer packet tagging for Network Behaviour Analysis

Maznan Derarnan, Jalil Md Desa, Zulaiha Ali Othman

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

4 Citations (Scopus)

Abstract

Network behaviour analysis (NBA) is a system that analyses the characteristics of the network data stream or packets. NBA is commonly associated with network intrusion detection and prevention systems (IDS/IPS), as the mechanism used in NBA is well known for its capability to discover hidden information in network packets. Among the popular methods that power NBA are misuse detection and anomaly detection techniques. Misuse detection is suitable for known attacks that already have a list of actions to be taken based on historical events from past attacks. However, misuse detection is inefficient at dealing with zero-day attacks. This paper describes the concept of a multilayer packet tagging approach that could complement the weaknesses found in misuse detection techniques in NBA systems.

Original language: English
Title of host publication: Proceedings 2010 International Symposium on Information Technology - Engineering Technology, ITSim'10
Pages: 909-913
Number of pages: 5
Volume: 2
DOI: https://doi.org/10.1109/ITSIM.2010.5561573
Publication status: Published - 2010
Event: 2010 International Symposium on Information Technology, ITSim'10 - Kuala Lumpur
Duration: 15 Jun 2010 to 17 Jun 2010

Fingerprint

Packet networks
Intrusion detection
Multilayers

Keywords

  • Anomaly detection
  • Data mining
  • Intrusion detection
  • Misuse detection
  • Network Behaviour Analysis

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Information Systems

Cite this

Derarnan, M., Desa, J. M., & Ali Othman, Z. (2010). Multilayer packet tagging for Network Behaviour Analysis. In Proceedings 2010 International Symposium on Information Technology - Engineering Technology, ITSim'10 (Vol. 2, pp. 909-913). [5561573] https://doi.org/10.1109/ITSIM.2010.5561573

@inproceedings{022c7657baca4eb7b6bedc15a38bbc44,
title = "Multilayer packet tagging for Network Behaviour Analysis",
abstract = "Network behaviour analysis (NBA) is a system that analyses the characteristics of the network data stream or packets. NBA is commonly associated with network intrusion detection and prevention systems (IDS/IPS), as the mechanism used in NBA is well known for its capability to discover hidden information in network packets. Among the popular methods that power NBA are misuse detection and anomaly detection techniques. Misuse detection is suitable for known attacks that already have a list of actions to be taken based on historical events from past attacks. However, misuse detection is inefficient at dealing with zero-day attacks. This paper describes the concept of a multilayer packet tagging approach that could complement the weaknesses found in misuse detection techniques in NBA systems.",
keywords = "Anomaly detection, Data mining, Intrusion detection, Misuse detection, Network Behaviour Analysis",
author = "Maznan Derarnan and Desa, {Jalil Md} and {Ali Othman}, Zulaiha",
year = "2010",
doi = "10.1109/ITSIM.2010.5561573",
language = "English",
isbn = "9781424467181",
volume = "2",
pages = "909--913",
booktitle = "Proceedings 2010 International Symposium on Information Technology - Engineering Technology, ITSim'10",

}