A general collaborative framework for modeling and perceiving distributed network behavior

Xie, Yi, Wang, Yu, He, Haitao, Xiang, Yang, Yu, Shunzheng and Liu, Xincheng 2016, A general collaborative framework for modeling and perceiving distributed network behavior, IEEE/ACM transactions on networking, vol. 24, no. 5, pp. 3162-3176, doi: 10.1109/TNET.2015.2512609.

Attached Files
Name Description MIMEType Size Downloads

Title A general collaborative framework for modeling and perceiving distributed network behavior
Author(s) Xie, Yi
Wang, YuORCID iD for Wang, Yu orcid.org/0000-0002-9807-2293
He, Haitao
Xiang, YangORCID iD for Xiang, Yang orcid.org/0000-0001-5252-0831
Yu, Shunzheng
Liu, Xincheng
Journal name IEEE/ACM transactions on networking
Volume number 24
Issue number 5
Start page 3162
End page 3176
Total pages 15
Publisher IEEE
Place of publication Piscataway, N.J.
Publication date 2016-10-13
ISSN 1063-6692
Keyword(s) behavior modeling
collaborative defense
distributed detection
network security
Summary Collaborative Anomaly Detection (CAD) is an emerging field of network security in both academia and industry. It has attracted a lot of attention, due to the limitations of traditional fortress-style defense modes. Even though a number of pioneer studies have been conducted in this area, few of them concern about the universality issue. This work focuses on two aspects of it. First, a unified collaborative detection framework is developed based on network virtualization technology. Its purpose is to provide a generic approach that can be applied to designing specific schemes for various application scenarios and objectives. Second, a general behavior perception model is proposed for the unified framework based on hidden Markov random field. Spatial Markovianity is introduced to model the spatial context of distributed network behavior and stochastic interaction among interconnected nodes. Algorithms are derived for parameter estimation, forward prediction, backward smooth, and the normality evaluation of both global network situation and local behavior. Numerical experiments using extensive simulations and several real datasets are presented to validate the proposed solution. Performance-related issues and comparison with related works are discussed.
Language eng
DOI 10.1109/TNET.2015.2512609
Field of Research 080110 Simulation and Modelling
080503 Networking and Communications
Socio Economic Objective 970108 Expanding Knowledge in the Information and Computing Sciences
HERDC Research category C1 Refereed article in a scholarly journal
ERA Research output type C Journal article
Grant ID DP150103732
Copyright notice ©2016, IEEE
Persistent URL http://hdl.handle.net/10536/DRO/DU:30088963

Connect to link resolver
Unless expressly stated otherwise, the copyright for items in DRO is owned by the author, with all rights reserved.

Version Filter Type
Citation counts: TR Web of Science Citation Count  Cited 3 times in TR Web of Science
Scopus Citation Count Cited 3 times in Scopus
Google Scholar Search Google Scholar
Access Statistics: 291 Abstract Views, 2 File Downloads  -  Detailed Statistics
Created: Wed, 16 Nov 2016, 10:54:47 EST

Every reasonable effort has been made to ensure that permission has been obtained for items included in DRO. If you believe that your rights have been infringed by this repository, please contact drosupport@deakin.edu.au.