RESEARCH PRODUCT

A critical review on the implementation of static data sampling techniques to detect network attacks

Christophe Guyeux, Dominique Ginhac, Abdallah Makhoul, Jacques Demerjian, Rayane El Sibai, Suzan Hajj, Jacques Bou Abdo

subject

General Computer Science; Computer science; 020209 energy; Real-time computing; intrusion detection system (IDS); data streams; Context (language use); 02 engineering and technology; Intrusion detection system; [INFO.INFO-SE]Computer Science [cs]/Software Engineering [cs.SE]; Data sampling; [INFO.INFO-IU]Computer Science [cs]/Ubiquitous Computing; [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR]; statistical analysis; Sampling process; 0202 electrical engineering electronic engineering information engineering; General Materials Science; Static data; General Engineering; Volume (computing); Process (computing); Sampling (statistics); Internet traffic; [INFO.INFO-MO]Computer Science [cs]/Modeling and Simulation; TK1-9971; [INFO.INFO-MA]Computer Science [cs]/Multiagent Systems [cs.MA]; 020201 artificial intelligence & image processing; [INFO.INFO-ET]Computer Science [cs]/Emerging Technologies [cs.ET]; Electrical engineering. Electronics. Nuclear engineering; [INFO.INFO-DC]Computer Science [cs]/Distributed Parallel and Cluster Computing [cs.DC]

description

International audience; Given that the Internet traffic speed and volume are growing at a rapid pace, monitoring the network in a real-time manner has introduced several issues in terms of computing and storage capabilities. Fast processing of traffic data and early warnings on the detected attacks are required while maintaining a single pass over the traffic measurements. To palliate these problems, one can reduce the amount of traffic to be processed by using a sampling technique and detect the attacks based on the sampled traffic. Different parameters have an impact on the efficiency of this process, mainly, the applied sampling policy and sampling ratio. In this paper, we investigate the statistical impact of sampling the network traffic and we quantify the amount of deterioration that the sampling process introduces. In this context, an experimental comparison of existing sampling techniques is performed based on their impact on several well-known statistical measures.

https://hal.archives-ouvertes.fr/hal-03456144