A. V. Guirik, G. P. Shigulin, “Approach to creating normal functioning profile of monitored objects for network anomalies detection”, Tr. SPIIRAN, 27 (2013), 172

Trudy SPIIRAN

RUS ENG

JOURNALS PEOPLE ORGANISATIONS CONFERENCES SEMINARS VIDEO LIBRARY PACKAGE AMSBIB

JavaScript is disabled in your browser. Please switch it on to enable full functionality of the website

	General information
	Latest issue
	Archive

	Search papers
	Search references

	RSS
	Latest issue
	Current issues
	Archive issues
	What is RSS

Informatics and Automation:
Year:
Volume:
Issue:
Page:
	Find

Personal entry:
Login:
Password:
	Save password
	Enter
	Forgotten password?
	Register

Trudy SPIIRAN, 2013, Issue 27, Pages 172–180 (Mi trspy609)

Approach to creating normal functioning profile of monitored objects for network anomalies detection

A. V. Guirik, G. P. Shigulin

National Research University of Information Technologies, Mechanics and Optics

Full-text PDF (609 kB)

References:

PDF

HTML

Abstract: An approach to creating normal functioning profiles (NFP) of monitored objects is considered. NFP creation is one of the key steps in solving problems of network anomalies detection. Common issues of NFP creation and ways of overcoming these issues are considered. Iteration methods, Shiskin–Eisenpress method in particular, are proposed as a mathematical tool for NFP creation procedure. Described NFP creation method is verified on empirical network monitoring data and suggested suitable for network anomalies detection.

Keywords: network anomalies, intrusion detection, normal functioning profile, information security.

Received: 26.03.2013

Document Type: Article

UDC: 004.056, 519.812.3

Language: Russian

Citation: A. V. Guirik, G. P. Shigulin, “Approach to creating normal functioning profile of monitored objects for network anomalies detection”, Tr. SPIIRAN, 27 (2013), 172–180

Citation in format AMSBIB

\Bibitem{GuiShi13}

\by A.~V.~Guirik, G.~P.~Shigulin

\paper Approach to creating normal functioning profile of monitored objects for network anomalies detection

\jour Tr. SPIIRAN

\yr 2013

\vol 27

\pages 172--180

\mathnet{http://mi.mathnet.ru/trspy609}

Linking options:

https://www.mathnet.ru/eng/trspy609

https://www.mathnet.ru/eng/trspy/v27/p172

Citing articles in Google Scholar: Russian citations, English citations
Related articles in Google Scholar: Russian articles, English articles

Statistics & downloads:
Abstract page:	241
Full-text PDF :	93
References:	40
First page:	1

Что такое QR-код?

Registration to the website

Logotypes