    Online Anomaly Analysis And Self Protection Against Network Attacks

    Name:
    azu_etd_1273_sip1_m.pdf
    Size:
    1.190Mb
    Format:
    PDF
    Author
    Qu, Guangzhi
    Issue Date
    2005
    Keywords
    Electrical & Computer Engineering
    Advisor
    Hariri, Salim
    Committee Chair
    Hariri, Salim
    
    Publisher
    The University of Arizona.
    Rights
    Copyright © is held by the author. Digital access to this material is made possible by the University Libraries, University of Arizona. Further transmission, reproduction or presentation (such as public display or performance) of protected items is prohibited except with permission of the author.
    Abstract
    The objective of this research is to develop a theoretical framework and a general methodology for anomaly analysis and protection against network attacks to achieve (a) online monitoring and analysis of network attacks; (b) automatic identification of critical vulnerable resources; and (c) proactive self-protection of network systems and their applications from a wide range of network attacks.

    The proposed methodology uses a unified framework to deploy online monitoring and analysis software modules that collect online measurement attributes and analyze the abnormal behavior of networks and their services. In addition, it evaluates the impact of component attacks on the overall operation of network systems and their services. This analysis also helps us determine the most critical components in the network that can lead to massive network outage or performance degradation.

    Based on Information Theory, we evaluate all network measurement attributes at each level of protocol to identify the features that can be measured efficiently in real time and can be used to detect abnormal behavior. A single feature (measurement attribute) is not sufficient to detect network attacks accurately. To remedy this problem, we developed an efficient Genetic algorithm to compute a linear classification function of several features with different weights. We validated our approach on the DARPA KDD99 benchmark dataset, and the results showed higher accuracy in detecting DoS and Probe attacks and a significant improvement in the detection rates for the most difficult to detect attacks (e.g., U2R and R2L). For example, for DoS and Probe attacks, we have achieved 99.93% and 99.91% detection rate with a false alarm of 1.55%, respectively. For U2R and R2L attacks, our approach can achieve a 92.5% detection rate with false alarm of 0.7587%, and a 92.47% detection rate with false alarm of 8.35%, respectively.

    A Quality of Protection (QoP) based routing protocol is developed to automatically adjust network traffic priorities according to the feedback of anomaly metrics. QoP can be integrated with any existing Quality of Service (QoS) protocols that will give high priority to normal traffic and low priority to abnormal traffic in order to minimize the impact of network attacks on various network services.
    Type
    text
    Electronic Dissertation
    Degree Name
    PhD
    Degree Level
    doctoral
    Degree Program
    Electrical & Computer Engineering
    Graduate College
    Degree Grantor
    University of Arizona
    Collections
    Dissertations
