Please use this identifier to cite or link to this item:
Full metadata record
DC FieldValueLanguage
dc.contributor.authorChiera, B.-
dc.contributor.authorKraetzl, M.-
dc.contributor.authorRoughan, M.-
dc.contributor.authorWhite, L.-
dc.contributor.editorChiera, B.-
dc.identifier.citationAustralian Communication Theory Workshop Proceedings 2007 / pp.116-121-
dc.description.abstractIn this paper we use a particular type of mutual information norm — the cepstral information norm — for anomaly detection at the router level in the Internet. We combine the cepstral norm with a state space Kalman filter to define two distance metrics to capture anomalous behaviour. These metrics are implemented using a subspace-based model-free paradigm to aid realtime analysis. We infer a top level Internet topology using Border Gateway Protocol router updates and characterise the structural evolution of the network using a selection of graph metrics. Analysis over one week of non time-homogeneous updates, which includes The SQL Slammer worm event, shows the combined use of the two cepstral distance metrics detects the occurrence and severity of anomalous network events.-
dc.description.statementofresponsibilityBelinda A. Chiera, Miro Kraetzl, Matthew Roughan and Langford B. White-
dc.rights© 2007 The Pennsylvania State University-
dc.subjectCepstral information norm-
dc.subjectmutual information-
dc.subjectKalman filter-
dc.subjectsubspace-based model-free-
dc.subjectanomaly detection-
dc.titleUse of a cepstral information norm for anomaly detection in a BGP-inferred interent-
dc.typeConference paper-
dc.contributor.conferenceAustralian Communication Theory Workshop (8th : 2007 : Adelaide, Australia)-
dc.identifier.orcidWhite, L. [0000-0001-6660-0517]-
Appears in Collections:Aurora harvest 6
Electrical and Electronic Engineering publications

Files in This Item:
There are no files associated with this item.

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.