# A HYBRID RULE BASED FUZZY-NEURAL EXPERT SYSTEM FOR PASSIVE NETWORK MONITORING

Save this PDF as:

Size: px
Start display at page:

Download "A HYBRID RULE BASED FUZZY-NEURAL EXPERT SYSTEM FOR PASSIVE NETWORK MONITORING"

## Transcription

1 A HYBRID RULE BASED FUZZY-NEURAL EXPERT SYSTEM FOR PASSIVE NETWORK MONITORING AZRUDDIN AHMAD, GOBITHASAN RUDRUSAMY, RAHMAT BUDIARTO, AZMAN SAMSUDIN, SURESRAWAN RAMADASS. Network Research Group School of Computer Science, Univ. Science Malaysia Minden, Pulau Pinang MALAYSIA Tel.: Fax:

4 Abnormal network use Domain & membership function: network utilization (low, normal, extreme) bandwidth use (low bandwidth use, normal, high) Rules: traffic extreme, at usually low use then network condition abnormal traffic extreme, at usually high use then network condition normal traffic low, at usually low bandwidth then normal traffic extreme, at usually low bandwidth then network condition abnormal traffic normal, at usually normal network bandwidth then network condition normal. Fig.2 Expert Rule Example* *The membership function values for these conditions are learned by the system (See Fig.3). *The rules are based on fuzzy rule format. Decisions are done by using fuzzy logic. Fig. 4 depicts example of fuzzy decision process in the system. Perceptron learning: w i (p+1) = w i (p) + w i (p) where w i (p) = α * x i (p) * e(p) α = learning rate e(p) = yd(p) y(p) y d (p) = desired output (previous weight) y(p) = actual output For w(1) = first value obtained w(2) = w(1) + w i (1). The steps above are repeated continually until it stabilizes at a certain value for the membership function. Fig 4.1 condition normal at value 0.13 Fig 4.2 condition abnormal at value Fig 3: learning process Decision process The decision process uses fuzzy logic to come out with a weighted decision and reduce the numbers of false alarms [3]. Fuzzy logic is very good at handling probability and uncertainty. This will allow a human like decision to be made. It will also overcome the threshold border decision problem [3] in current systems. The process will be based on the weights of the membership function of the inputs which will also result in a weighted decision (Fig 4). Based on the significance of the condition, the proper actions can be taken. The decision derived will be as similar to human decision as possible. Fig.4 Examples of fuzzy decision process Classing of condition based on learned knowledge Some inputs of the rules are conditions that have to be decided and learned. An example of this (Fig.2) is the bandwidth domain. The condition has to be learned first and than applied to for the value to be obtained. Anomaly recognition based on membership function With the learning, updating and fine tuning process described here, an intelligent system that simulates a network administrators decision and learning process with the ability to adapt, learn and give out weighted decision can be created.

5 3 IMPLEMENTATION inetmon Implementation of the system is currently in progress. The intelligent module is being formed for the network monitoring software NETmon, a passive network monitoring software created by Network Research Group, University Science of Malaysia [4]. NETmon is a passive real-time network monitoring software with tools to passively monitor the network. It is based on the Windows platform environment. The current version does not have artificial intelligence. The data for the module will be obtained from the NETmon interface. The inetmon module is for warning and alarm creation. There is an alarm module in the current version but it is threshold based. The drawback of this approach is that it is non adaptable, dependant on the network administrator to set and change the threshold values. There are no weights to the seriousness of the alarms created. Also it will be subjected to the threshold problem [3]. The inetmon module will overcome the drawback of his approach. With the ANFIS for NETmon approach the alarms will have values to it. With this, the system can decide the action to be taken in relation to the seriousness of the alarm received. For instance a :00 2:00 4:00 6:00 8:00 10:00 12:00 14:00 probable network misuse will only be logged but a sure network breach decision can be added with further action of sending an sms to the network administrator to inform him immediately. The system could also take further action by taking proactive measures such as taking down the breached server. The use of artificial intelligence in NETmon promises an unsupervised and better network administration. 4 PRELIMINARY RESULTS Patterns inside of daily network traffic are the main dependency of the system. Normal human observations can make out such patterns. Still, unless proper research into such patterns are made, further knowledge about the behavior of these patterns could not The data discussed here are based on the observation of network traffic at Computer Science School, University Science of Malaysia (Fig 5). The data obtained shows promising prospect in finding data patterns inside network traffic data. Research is currently being done on obtainable network patterns and conditions. These will be used to create rules needed by the proposed system. Similar data on network patterns could be found in Barford & Plonka [3]. 16:00 18:00 20:00 22:00 0:00 2:00 4:00 6:00 8:00 10:00 12:00 14:00 16:00 18:00 20:00 22:00 0:00 2:00 4:00 6:00 8:00 10:00 12:00 14:00 16:00 18:00 Fig. 5 : packet count per second in a typical 72 hour period at NRG, USM. Fig. 6: example of flash crowd behavior [3] 20:00 22:00

6 l; 5 DISCUSSION The proposed system is still dependant on predefined rules. This is because of the need for the system to know certain patterns of network problems. Such problems are only known by experts of the field and could not be learned by the system without some sort of supervision. Still, most of the problems discussed above are caused by the use of the ES (Expert System) rules. A better system would be a system that learns rules by itself inductively. Such similar systems are proposed in Hermann [5]. Further work should be done on this. The learning curve of the proposed system is yet to be seen. Also there are some other issues that arise on the configuration and performance of the network. The current netmon also has some issues in network configurations whereas configurations using routers and switches experience difficulties to be monitored. The need for high amounts of processing to achieve real time processing is also a key factor. The sheer amount of data and rules to filter through in high speed networks might cause the aim for real time monitoring unobtainable. The dependency on the rules is the main drawback of this system. Another approach is the system to not have rules altogether. Such systems will only be dependant on patterns. Fuzzy clustering is one of the promising approaches available for this purpose. 6 CONCLUSION With the proposed system of incorporating different AI approaches, it will overcome the limitations of a system using only one or two approaches [2]. The limitations overcame: Ability to handle new and changing data. Robust when faced with unforeseen situations Learning and fine tuning from conditions encountered Able to handle probability and uncertainty Adaptable if the network evolves. Still there are problems unsolved and new problems created by using the method explained: Past experiences are not stored. Past success or failures are not remembered or applied to current problems. The experience is just in a value only. Rule base system will require maintenance at some time to add rules or delete obsolete rules. The domain must be well understood and thought out. This is not entirely possible in domains such as fault management. 7 FUTURE WORKS At the time of writing we are in the process of gathering and archiving data and researching on anomalies based on traffic on a part of network in our lab. Additional data will also be gathered from other networks to do comparison. We are also at the early stages of applying various statistical techniques to analyze the data and creating rules. The rules will then be tested on the created modules to establish if the intended results are obtained. We are also researching other approaches available to create a truly intelligent system. One promising step is by creating a system not dependent on rules, but instead uses cluster patterns in making decisions. REFERENCES [1] Leckie, C (1995), Experience and Trends in AI for Network Monitoring and Diagnosis, In Proceedings of the IJCAI95 Workshop on AI in Distributed Information, Experience_and_Trends.pdf (June 2002). [2]Gurër, D.W., Khan, I, Ogier, R & Keffer R, an Artificial Intelligence Approach to Network Fault Management, Approach.pdf (June 2002). [3] Barford, P & Plonka, D, (2001), Characteristics of Network Flow Anomalies, In Proc. ACM Internet measurement Workshop ACM SIGCOMM 2001, papers/47.pdf (June 2002). [4] Sureswaran, R, (2001), Network Monitor, In Proceedings of Asia Pacific Advanced Network Conference,2001, pp [5] Hermann, C.S., (1997), A Hybrid Fuzzy-Neural Expert System for Diagnosis, In Proceedings of the International Joint Conference on Artificial Intelligence (IJCAI), citeseer.nj.nec.com/cache/papers/cs/3406/ zaida.intellektik.informatik.th- darmstadt.dezsz~kiprzsz1995zsz95-02.pdf/herrmann95hybrid.pdf (June 2002).

7 [6] Hood, C.S., (1997), Proactive Network Fault Detection, In Proceedings of Infocom 1997 (1997), pp [7] Zadeh, L.A., Fuzzy Sets. Information and Control., [8] Negnevitsky, M. Artificial Intelligence: A Guide to Intelligent Systems. Essex, England. Pearson Publication Ltd, [9] Feather, F., Siewiorek, D., Maxion, R. (2000), Fault Detection in an Ethernet Network Using Anomaly Signature Matching, In Proceedings of ACM SIGCOMM 93. [10] Giove, S. (1999) Fuzzy Logic and Clustering Methods for Time Series Analysis, In Proceedings of European Symposium on Intelligent Techniques ECIT (June 2002)

### Characteristics of Network Traffic Flow Anomalies

Characteristics of Network Traffic Flow Anomalies Paul Barford and David Plonka I. INTRODUCTION One of the primary tasks of network administrators is monitoring routers and switches for anomalous traffic

### Intrusion Detection via Machine Learning for SCADA System Protection

Intrusion Detection via Machine Learning for SCADA System Protection S.L.P. Yasakethu Department of Computing, University of Surrey, Guildford, GU2 7XH, UK. s.l.yasakethu@surrey.ac.uk J. Jiang Department

### FUZZY DATA MINING AND GENETIC ALGORITHMS APPLIED TO INTRUSION DETECTION

FUZZY DATA MINING AND GENETIC ALGORITHMS APPLIED TO INTRUSION DETECTION Susan M. Bridges Bridges@cs.msstate.edu Rayford B. Vaughn vaughn@cs.msstate.edu 23 rd National Information Systems Security Conference

### System Specification. Author: CMU Team

System Specification Author: CMU Team Date: 09/23/2005 Table of Contents: 1. Introduction...2 1.1. Enhancement of vulnerability scanning tools reports 2 1.2. Intelligent monitoring of traffic to detect

### Network Performance Analysis Solution. White Paper

Network Performance Analysis Solution White Paper Copyright Copyright 2016 Colasoft. All rights reserved. Information in this document is subject to change without notice. No part of this document may

### Intrusion Detection System using Log Files and Reinforcement Learning

Intrusion Detection System using Log Files and Reinforcement Learning Bhagyashree Deokar, Ambarish Hazarnis Department of Computer Engineering K. J. Somaiya College of Engineering, Mumbai, India ABSTRACT

### A Review of Anomaly Detection Techniques in Network Intrusion Detection System

A Review of Anomaly Detection Techniques in Network Intrusion Detection System Dr.D.V.S.S.Subrahmanyam Professor, Dept. of CSE, Sreyas Institute of Engineering & Technology, Hyderabad, India ABSTRACT:In

### INTRUSION PREVENTION AND EXPERT SYSTEMS

INTRUSION PREVENTION AND EXPERT SYSTEMS By Avi Chesla avic@v-secure.com Introduction Over the past few years, the market has developed new expectations from the security industry, especially from the intrusion

### RUGGEDCOM NMS. Monitor Availability Quick detection of network failures at the port and

RUGGEDCOM NMS is fully-featured enterprise grade network management software based on the OpenNMS platform. Specifically for the rugged communications industry, RNMS provides a comprehensive platform for

### AUTONOMOUS NETWORK SECURITY FOR DETECTION OF NETWORK ATTACKS

AUTONOMOUS NETWORK SECURITY FOR DETECTION OF NETWORK ATTACKS Nita V. Jaiswal* Prof. D. M. Dakhne** Abstract: Current network monitoring systems rely strongly on signature-based and supervised-learning-based

### Introduction. Chapter 1

Chapter 1 Introduction The area of fault detection and diagnosis is one of the most important aspects in process engineering. This area has received considerable attention from industry and academia because

### University of Portsmouth PORTSMOUTH Hants UNITED KINGDOM PO1 2UP

University of Portsmouth PORTSMOUTH Hants UNITED KINGDOM PO1 2UP This Conference or Workshop Item Adda, Mo, Kasassbeh, M and Peart, Amanda (2005) A survey of network fault management. In: Telecommunications

### E-Learning Using Artificial Intelligence

E-Learning Using Artificial Intelligence 1 Miss. Ankita Potode, 2 Miss. Poonam Manjare Abstract: This paper presents a new concept of intelligent e-learning systems with intelligent two-way communication

### NETWORK MONITORING. Network Monitoring. Product brief. NETWORK MONITORING Logger Only

Network Monitoring 1 Network Monitoring Product brief Logger Only CONTENTS 1 Page 1. Introduction 2-3 2. Network Structure 4 3. Data Collection 5 4. Data Visualisation 6 5. Dashboard 7 6. Alarm Management

### Intelligent Agents Serving Based On The Society Information

Intelligent Agents Serving Based On The Society Information Sanem SARIEL Istanbul Technical University, Computer Engineering Department, Istanbul, TURKEY sariel@cs.itu.edu.tr B. Tevfik AKGUN Yildiz Technical

### Whitepaper Continuous Availability Suite: Neverfail Solution Architecture

Continuous Availability Suite: Neverfail s Continuous Availability Suite is at the core of every Neverfail solution. It provides a comprehensive software solution for High Availability (HA) and Disaster

### SURVEY OF INTRUSION DETECTION SYSTEM

SURVEY OF INTRUSION DETECTION SYSTEM PRAJAPATI VAIBHAVI S. SHARMA DIPIKA V. ASST. PROF. ASST. PROF. MANISH INSTITUTE OF COMPUTER STUDIES MANISH INSTITUTE OF COMPUTER STUDIES VISNAGAR VISNAGAR GUJARAT GUJARAT

### inet Enterprise Features Fact Sheet

2007 inet Enterprise Features Fact Sheet inetmon Sdn. Bhd. 1010 & 1011, Tingkat 10 Blok D, Dataran Usahawan Kelana,17, Jalan SS 7/26, Kelana Jaya, 47301 Petaling Jaya, Selangor Darul Ehsan Tel: 603-7880

### Integrated management information in utilities

Integrated management information in utilities Information from Cigré The objective of this article is to assist utilities define, specify and evaluate the high level management systems that form the information

### The SIEM Evaluator s Guide

Using SIEM for Compliance, Threat Management, & Incident Response Security information and event management (SIEM) tools are designed to collect, store, analyze, and report on log data for threat detection,

### Real-Time Analysis of CDN in an Academic Institute: A Simulation Study

Journal of Algorithms & Computational Technology Vol. 6 No. 3 483 Real-Time Analysis of CDN in an Academic Institute: A Simulation Study N. Ramachandran * and P. Sivaprakasam + *Indian Institute of Management

### Intrusion Detection System for Cloud Network Using FC-ANN Algorithm

Intrusion Detection System for Cloud Network Using FC-ANN Algorithm Swati Ramteke 1, Rajesh Dongare 2, Komal Ramteke 3 Student, Department of Information Technology, VIIT, Pune, India 1 Student, Department

### HIDS and NIDS Hybrid Intrusion Detection System Model Design Zhenqi Wang 1, a, Dankai Zhang 1,b

Advanced Engineering Forum Online: 2012-09-26 ISSN: 2234-991X, Vols. 6-7, pp 991-994 doi:10.4028/www.scientific.net/aef.6-7.991 2012 Trans Tech Publications, Switzerland HIDS and NIDS Hybrid Intrusion

### Network Platform Makes SP More Brilliant

Network Platform Makes SP More Brilliant 1 CONTENTS 1 Platform Brief Introduction 2 DPI System 3 Network Management Platform 2 Do you want to Win more Customers Offer Better UE Develop More Services 25/04/2014

### Network Based Intrusion Detection Using Honey pot Deception

Network Based Intrusion Detection Using Honey pot Deception Dr.K.V.Kulhalli, S.R.Khot Department of Electronics and Communication Engineering D.Y.Patil College of Engg.& technology, Kolhapur,Maharashtra,India.

### An Artificial Immune Model for Network Intrusion Detection

An Artificial Immune Model for Network Intrusion Detection Jungwon Kim and Peter Bentley Department of Computer Science, University Collge London Gower Street, London, WC1E 6BT, U. K. Phone: +44-171-380-7329,

### Using Artificial Intelligence in Intrusion Detection Systems

Using Artificial Intelligence in Intrusion Detection Systems Matti Manninen Helsinki University of Technology mimannin@niksula.hut.fi Abstract Artificial Intelligence could make the use of Intrusion Detection

### ARTIFICIAL INTELLIGENCE METHODS IN EARLY MANUFACTURING TIME ESTIMATION

1 ARTIFICIAL INTELLIGENCE METHODS IN EARLY MANUFACTURING TIME ESTIMATION B. Mikó PhD, Z-Form Tool Manufacturing and Application Ltd H-1082. Budapest, Asztalos S. u 4. Tel: (1) 477 1016, e-mail: miko@manuf.bme.hu

### Some Research Challenges for Big Data Analytics of Intelligent Security

Some Research Challenges for Big Data Analytics of Intelligent Security Yuh-Jong Hu hu at cs.nccu.edu.tw Emerging Network Technology (ENT) Lab. Department of Computer Science National Chengchi University,

### IP Forwarding Anomalies and Improving their Detection using Multiple Data Sources

IP Forwarding Anomalies and Improving their Detection using Multiple Data Sources Matthew Roughan (Univ. of Adelaide) Tim Griffin (Intel Research Labs) Z. Morley Mao (Univ. of Michigan) Albert Greenberg,

### Modeling and Design of Intelligent Agent System

International Journal of Control, Automation, and Systems Vol. 1, No. 2, June 2003 257 Modeling and Design of Intelligent Agent System Dae Su Kim, Chang Suk Kim, and Kee Wook Rim Abstract: In this study,

### Prediction of DDoS Attack Scheme

Chapter 5 Prediction of DDoS Attack Scheme Distributed denial of service attack can be launched by malicious nodes participating in the attack, exploit the lack of entry point in a wireless network, and

### The Integration of SNORT with K-Means Clustering Algorithm to Detect New Attack

The Integration of SNORT with K-Means Clustering Algorithm to Detect New Attack Asnita Hashim, University of Technology MARA, Malaysia April 14-15, 2011 The Integration of SNORT with K-Means Clustering

### A SURVEY ON GENETIC ALGORITHM FOR INTRUSION DETECTION SYSTEM

A SURVEY ON GENETIC ALGORITHM FOR INTRUSION DETECTION SYSTEM MS. DIMPI K PATEL Department of Computer Science and Engineering, Hasmukh Goswami college of Engineering, Ahmedabad, Gujarat ABSTRACT The Internet

### The Cyber Threat Profiler

Whitepaper The Cyber Threat Profiler Good Intelligence is essential to efficient system protection INTRODUCTION As the world becomes more dependent on cyber connectivity, the volume of cyber attacks are

### Using Fuzzy Logic Control to Provide Intelligent Traffic Management Service for High-Speed Networks ABSTRACT:

Using Fuzzy Logic Control to Provide Intelligent Traffic Management Service for High-Speed Networks ABSTRACT: In view of the fast-growing Internet traffic, this paper propose a distributed traffic management

### Application of Data Mining Techniques in Intrusion Detection

Application of Data Mining Techniques in Intrusion Detection LI Min An Yang Institute of Technology leiminxuan@sohu.com Abstract: The article introduced the importance of intrusion detection, as well as

### Network Management and Monitoring Software

Page 1 of 7 Network Management and Monitoring Software Many products on the market today provide analytical information to those who are responsible for the management of networked systems or what the

### Intrusion Detection Using Data Mining Along Fuzzy Logic and Genetic Algorithms

IJCSNS International Journal of Computer Science and Network Security, VOL.8 No., February 8 7 Intrusion Detection Using Data Mining Along Fuzzy Logic and Genetic Algorithms Y.Dhanalakshmi and Dr.I. Ramesh

### IBM QRadar Security Intelligence Platform appliances

IBM QRadar Security Intelligence Platform Comprehensive, state-of-the-art solutions providing next-generation security intelligence Highlights Get integrated log management, security information and event

### Company & Solution Profile

Company & Solution Profile About Us NMSWorks Software Limited is an information technology company specializing in developing Carrier grade Integrated Network Management Solutions for the emerging convergent

### IMAV: An Intelligent Multi-Agent Model Based on Cloud Computing for Resource Virtualization

2011 International Conference on Information and Electronics Engineering IPCSIT vol.6 (2011) (2011) IACSIT Press, Singapore IMAV: An Intelligent Multi-Agent Model Based on Cloud Computing for Resource

### Cloud Computing for Agent-based Traffic Management Systems

Cloud Computing for Agent-based Traffic Management Systems Manoj A Patil Asst.Prof. IT Dept. Khyamling A Parane Asst.Prof. CSE Dept. D. Rajesh Asst.Prof. IT Dept. ABSTRACT Increased traffic congestion

### Compliance Guide: ASD ISM OVERVIEW

Compliance Guide: ASD ISM OVERVIEW Australian Information Security Manual Mapping to the Principles using Huntsman INTRODUCTION In June 2010, The Australian Government Protective Security Policy Framework

### SolarWinds Network Performance Monitor

SolarWinds Network Performance Monitor powerful network fault & availabilty management Fully Functional for 30 Days SolarWinds Network Performance Monitor (NPM) makes it easy to quickly detect, diagnose,

### Performance Prediction, Sizing and Capacity Planning for Distributed E-Commerce Applications

Performance Prediction, Sizing and Capacity Planning for Distributed E-Commerce Applications by Samuel D. Kounev (skounev@ito.tu-darmstadt.de) Information Technology Transfer Office Abstract Modern e-commerce

### Intrusion Detection Systems

Intrusion Detection Systems Assessment of the operation and usefulness of informatics tools for the detection of on-going computer attacks André Matos Luís Machado Work Topics 1. Definition 2. Characteristics

### A Survey on Intrusion Detection System with Data Mining Techniques

A Survey on Intrusion Detection System with Data Mining Techniques Ms. Ruth D 1, Mrs. Lovelin Ponn Felciah M 2 1 M.Phil Scholar, Department of Computer Science, Bishop Heber College (Autonomous), Trichirappalli,

### Cisco Unified Computing Remote Management Services

Cisco Unified Computing Remote Management Services Cisco Remote Management Services are an immediate, flexible management solution that can help you realize the full value of the Cisco Unified Computing

### FAULT MANAGEMENT SERVICE IN ATM NETWORKS USING TINA NETWORK RESOURCE ARCHITECTURE

FAULT MANAGEMENT SERVICE IN ATM NETWORKS USING TINA NETWORK RESOURCE ARCHITECTURE Chetan P. Chiba, Setumo Mohapi, Hu Hanrahan Centre for Telecommunications Access and Services 1 Department of Electrical

### An Anomaly-Based Method for DDoS Attacks Detection using RBF Neural Networks

2011 International Conference on Network and Electronics Engineering IPCSIT vol.11 (2011) (2011) IACSIT Press, Singapore An Anomaly-Based Method for DDoS Attacks Detection using RBF Neural Networks Reyhaneh

### Application of Netflow logs in Analysis and Detection of DDoS Attacks

International Journal of Computer and Internet Security. ISSN 0974-2247 Volume 8, Number 1 (2016), pp. 1-8 International Research Publication House http://www.irphouse.com Application of Netflow logs in

### Fuzzy Active Queue Management for Assured Forwarding Traffic in Differentiated Services Network

Fuzzy Active Management for Assured Forwarding Traffic in Differentiated Services Network E.S. Ng, K.K. Phang, T.C. Ling, L.Y. Por Department of Computer Systems & Technology Faculty of Computer Science

### Detection. Perspective. Network Anomaly. Bhattacharyya. Jugal. A Machine Learning »C) Dhruba Kumar. Kumar KaKta. CRC Press J Taylor & Francis Croup

Network Anomaly Detection A Machine Learning Perspective Dhruba Kumar Bhattacharyya Jugal Kumar KaKta»C) CRC Press J Taylor & Francis Croup Boca Raton London New York CRC Press is an imprint of the Taylor

### The flow back tracing and DDoS defense mechanism of the TWAREN defender cloud

Proceedings of the APAN Network Research Workshop 2013 The flow back tracing and DDoS defense mechanism of the TWAREN defender cloud Ming-Chang Liang 1, *, Meng-Jang Lin 2, Li-Chi Ku 3, Tsung-Han Lu 4,

### SolarWinds Network Performance Monitor

SolarWinds Network Performance Monitor powerful network fault & availabilty management Fully Functional for 30 Days SolarWinds Network Performance Monitor (NPM) makes it easy to quickly detect, diagnose,

### Syslog Analyzer ABOUT US. Member of the TeleManagement Forum. info@ossera.com +1-916-290-9300 http://www.ossera.com

Syslog Analyzer ABOUT US OSSera, Inc. is a global provider of Operational Support System (OSS) solutions for IT organizations, service planning, service operations, and network operations. OSSera's multithreaded

### Network Machine Learning Research Group. Intended status: Informational October 19, 2015 Expires: April 21, 2016

Network Machine Learning Research Group S. Jiang Internet-Draft Huawei Technologies Co., Ltd Intended status: Informational October 19, 2015 Expires: April 21, 2016 Abstract Network Machine Learning draft-jiang-nmlrg-network-machine-learning-00

### Agent-based Simulation Study of Behavioral Anticipation: Anticipatory Fault Management in Computer Networks

Agent-based Simulation Study of Behavioral Anticipation: Anticipatory Fault Management in Computer Networs Avdhoot Saple M&SNet: AMSL (The Auburn Modeling and Simulation Laboratory) Computer Science and

### International Journal of Computer Science Trends and Technology (IJCST) Volume 3 Issue 3, May-June 2015

RESEARCH ARTICLE OPEN ACCESS Data Mining Technology for Efficient Network Security Management Ankit Naik [1], S.W. Ahmad [2] Student [1], Assistant Professor [2] Department of Computer Science and Engineering

### QRadar Security Intelligence Platform Appliances

DATASHEET Total Security Intelligence An IBM Company QRadar Security Intelligence Platform Appliances QRadar Security Intelligence Platform appliances combine typically disparate network and security management

### A FRAMEWORK FOR MANAGING RUNTIME ENVIRONMENT OF JAVA APPLICATIONS

A FRAMEWORK FOR MANAGING RUNTIME ENVIRONMENT OF JAVA APPLICATIONS Abstract T.VENGATTARAMAN * Department of Computer Science, Pondicherry University, Puducherry, India. A.RAMALINGAM Department of MCA, Sri

### Web Application Security

Web Application Security Richard A. Kemmerer Reliable Software Group Computer Science Department University of California Santa Barbara, CA 93106, USA http://www.cs.ucsb.edu/~rsg www.cs.ucsb.edu/~rsg/

### mbits Network Operations Centrec

mbits Network Operations Centrec The mbits Network Operations Centre (NOC) is co-located and fully operationally integrated with the mbits Service Desk. The NOC is staffed by fulltime mbits employees,

### CHAPTER 1 INTRODUCTION

21 CHAPTER 1 INTRODUCTION 1.1 PREAMBLE Wireless ad-hoc network is an autonomous system of wireless nodes connected by wireless links. Wireless ad-hoc network provides a communication over the shared wireless

### A Review on Network Intrusion Detection System Using Open Source Snort

, pp.61-70 http://dx.doi.org/10.14257/ijdta.2016.9.4.05 A Review on Network Intrusion Detection System Using Open Source Snort Sakshi Sharma and Manish Dixit Department of CSE& IT MITS Gwalior, India Sharmasakshi1009@gmail.com,

### Cover. White Paper. (nchronos 4.1)

Cover White Paper (nchronos 4.1) Copyright Copyright 2013 Colasoft LLC. All rights reserved. Information in this document is subject to change without notice. No part of this document may be reproduced

### Intelligent Log Analyzer. André Restivo <andre.restivo@portugalmail.pt>

Intelligent Log Analyzer André Restivo 9th January 2003 Abstract Server Administrators often have to analyze server logs to find if something is wrong with their machines.

### About the NeuroFuzzy Module of the FuzzyTECH5.5 Software

About the NeuroFuzzy Module of the FuzzyTECH5.5 Software Ágnes B. Simon, Dániel Biró College of Nyíregyháza, Sóstói út 31, simona@nyf.hu, bibby@freemail.hu Abstract: Our online edition of the software

### Bio-inspired mechanisms for efficient and adaptive network security

Bio-inspired mechanisms for efficient and adaptive network security Falko Dressler Computer Networks and Communication Systems University of Erlangen-Nuremberg, Germany dressler@informatik.uni-erlangen.de

### A Systemic Artificial Intelligence (AI) Approach to Difficult Text Analytics Tasks

A Systemic Artificial Intelligence (AI) Approach to Difficult Text Analytics Tasks Text Analytics World, Boston, 2013 Lars Hard, CTO Agenda Difficult text analytics tasks Feature extraction Bio-inspired

### SureSense Software Suite Overview

SureSense Software Overview Eliminate Failures, Increase Reliability and Safety, Reduce Costs and Predict Remaining Useful Life for Critical Assets Using SureSense and Health Monitoring Software What SureSense

### A MARCH NETWORKS WHITE PAPER. Shadow Archiving in Video Surveillance Systems. Fail Safe Recording Options for IP Edge Devices

A MARCH NETWORKS WHITE PAPER Shadow Archiving in Video Surveillance Systems Fail Safe Recording Options for IP Edge Devices Table of Contents Executive Summary...2 Introduction...2 Background...2 DVR

### AlienVault. Unified Security Management (USM) 5.x Policy Management Fundamentals

AlienVault Unified Security Management (USM) 5.x Policy Management Fundamentals USM 5.x Policy Management Fundamentals Copyright 2015 AlienVault, Inc. All rights reserved. The AlienVault Logo, AlienVault,

### DEVELOPMENT OF VIBRATION REMOTE MONITORING SYSTEM BASED ON WIRELESS SENSOR NETWORK

International Journal of Computer Application and Engineering Technology Volume 1-Issue1, January 2012.pp.1-7 www.ijcaet.net DEVELOPMENT OF VIBRATION REMOTE MONITORING SYSTEM BASED ON WIRELESS SENSOR NETWORK

### A FRAMEWORK FOR AN ADAPTIVE INTRUSION DETECTION SYSTEM WITH DATA MINING. Mahmood Hossain and Susan M. Bridges

A FRAMEWORK FOR AN ADAPTIVE INTRUSION DETECTION SYSTEM WITH DATA MINING Mahmood Hossain and Susan M. Bridges Department of Computer Science Mississippi State University, MS 39762, USA E-mail: {mahmood,

### Axapta Object Server MICROSOFT BUSINESS SOLUTIONS AXAPTA

MICROSOFT BUSINESS SOLUTIONS AXAPTA Axapta Object Server Microsoft Business Solutions Axapta Object Server minimises bandwidth requirements and ensures easy, efficient and homogeneous client deployment.

### Module II. Internet Security. Chapter 7. Intrusion Detection. Web Security: Theory & Applications. School of Software, Sun Yat-sen University

Module II. Internet Security Chapter 7 Intrusion Detection Web Security: Theory & Applications School of Software, Sun Yat-sen University Outline 7.1 Threats to Computer System 7.2 Process of Intrusions

### Detecting rogue systems

Product Guide Revision A McAfee Rogue System Detection 4.7.1 For use with epolicy Orchestrator 4.6.3-5.0.0 Software Detecting rogue systems Unprotected systems, referred to as rogue systems, are often

### Speedy Signature Based Intrusion Detection System Using Finite State Machine and Hashing Techniques

www.ijcsi.org 387 Speedy Signature Based Intrusion Detection System Using Finite State Machine and Hashing Techniques Utkarsh Dixit 1, Shivali Gupta 2 and Om Pal 3 1 School of Computer Science, Centre

### Intrusion Detection System in Campus Network: SNORT the most powerful Open Source Network Security Tool

Intrusion Detection System in Campus Network: SNORT the most powerful Open Source Network Security Tool Mukta Garg Assistant Professor, Advanced Educational Institutions, Palwal Abstract Today s society

### Hillstone T-Series Intelligent Next-Generation Firewall Whitepaper: Abnormal Behavior Analysis

Hillstone T-Series Intelligent Next-Generation Firewall Whitepaper: Abnormal Behavior Analysis Keywords: Intelligent Next-Generation Firewall (ingfw), Unknown Threat, Abnormal Parameter, Abnormal Behavior,

### Wireless Sensor Network Performance Monitoring

Wireless Sensor Network Performance Monitoring Yaqoob J. Al-raisi & David J. Parish High Speed Networks Group Loughborough University MSN Coseners 12-13th 13th July 2007 Overview The problem we are trying

### Information Technology Policy

Information Technology Policy Security Information and Event Management Policy ITP Number Effective Date ITP-SEC021 October 10, 2006 Category Supersedes Recommended Policy Contact Scheduled Review RA-ITCentral@pa.gov

Enlighten your transport network Efficient Service and Network Management in packet-optical networks Network operators face many challenges driven by the rapid growth in customer demands. Growth in optical

### Network Intrusion Detection and Prevention

Ali A. Ghorbani Wei Lu Mahbod Tavallaee Network Intrusion Detection and Prevention Concepts and Techniques )Spri inger Contents 1 Network Attacks 1 1.1 Attack Taxonomies 2 1.2 Probes 4 1.2.1 IPSweep and

### Chapter 2 The Research on Fault Diagnosis of Building Electrical System Based on RBF Neural Network

Chapter 2 The Research on Fault Diagnosis of Building Electrical System Based on RBF Neural Network Qian Wu, Yahui Wang, Long Zhang and Li Shen Abstract Building electrical system fault diagnosis is the

### Leveraging Network Vulnerability Assessment with Incident Response Processes and Procedures

Leveraging Network Vulnerability Assessment with Incident Response Processes and Procedures DAVID COLE, DIRECTOR IS AUDITS, U.S. HOUSE OF REPRESENTATIVES Assessment Planning Assessment Execution Assessment

### Alcatel-Lucent OmniVista TM 4760 Network Management System

Alcatel-Lucent OmniVista TM 4760 Network Management System Network Management Systems Telecom managers need flexible network management tools to deal with the challenge of staying current with today s

### Azure Machine Learning, SQL Data Mining and R

Azure Machine Learning, SQL Data Mining and R Day-by-day Agenda Prerequisites No formal prerequisites. Basic knowledge of SQL Server Data Tools, Excel and any analytical experience helps. Best of all:

### The Business case for monitoring points... PCM architecture...

The Business case for monitoring points... Points Condition Monitoring (PCM) measures key parameters related to the performance of switch machines and turnouts in real time at every movement. Intelligent

### PROFESSIONAL SECURITY SYSTEMS

PROFESSIONAL SECURITY SYSTEMS Security policy, active protection against network attacks and management of IDP Introduction Intrusion Detection and Prevention (IDP ) is a new generation of network security

### Virtualized Security: The Next Generation of Consolidation

Virtualization. Consolidation. Simplification. Choice. WHITE PAPER Virtualized Security: The Next Generation of Consolidation Virtualized Security: The Next Generation of Consolidation As we approach the

### A Framework for End-to-End Proactive Network Management

A Framework for End-to-End Proactive Network Management S. Hariri, Y. Kim, P. Varshney, Department of Electrical Engineering and Computer Science Syracuse University, Syracuse, NY 13244 {hariri, yhkim,varshey}@cat.syr.edu

### Network- vs. Host-based Intrusion Detection

Network- vs. Host-based Intrusion Detection A Guide to Intrusion Detection Technology 6600 Peachtree-Dunwoody Road 300 Embassy Row Atlanta, GA 30348 Tel: 678.443.6000 Toll-free: 800.776.2362 Fax: 678.443.6477

### Secure Networks for Process Control

Secure Networks for Process Control Leveraging a Simple Yet Effective Policy Framework to Secure the Modern Process Control Network An Enterasys Networks White Paper There is nothing more important than

### Business Opportunities from Big Data: Event Management

Business Opportunities from Business Opportunities from How Smart Meters Contribute to Big Data Smart Meters provide near real-time information at a metering point level through time series and event data

### Hillstone Intelligent Next Generation Firewall

Hillstone Intelligent Next Generation Firewall Kris Nawani Solution Manager (Thailand) 12 th March 2015 1 About Hillstone Networks Founded 2006 by Netscreen visionaries World class team with security,