Behavioral network engineering: making intrusion detection become autonomic

D'ANTONIO, Salvatore;
2006

Abstract

In this paper we present an interesting case of what we call behavioral network engineering, i.e. an approach to optimizing network operation by exploiting information about users' behavior. Behavioral information is needed both to characterize the overall usage context of the network and to describe the specific attitudes of single users. Indeed, in a network which is autonomically managed, global knowledge of the current network "situation" is of paramount importance to optimally exploit available network resources. Furthermore, in case the behavior of single individuals can significantly impact network operation, it becomes mandatory to hold more fine-grained information. Distributed Denial of Service (DDoS) attacks represent an interesting example, since attack patterns can definitely be seen as particular (i.e. malicious) behaviors. To better illustrate the above concepts, we present an Intrusion Detection System (IDS) designed around the behavioral network engineering paradigm and relying on a flow monitoring system used for behavior summarization.

Use this identifier to cite or link to this document: http://hdl.handle.net/11367/21839
Citations
  • Scopus 3
  • ISI 2