Internet traffic analysis
This report presents two models that are used to detect the user abnormal behavior and network intrusion respectively. The user abnormal behavior detection model uses the pattern-matching techniques to identify the user. The intrusion detection model detects intrusion based on known intrusion patter...
Saved in:
| Main Author: | |
|---|---|
| Other Authors: | |
| Format: | Final Year Project |
| Language: | English |
| Published: |
2014
|
| Subjects: | |
| Online Access: | http://hdl.handle.net/10356/60991 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Nanyang Technological University |
| Language: | English |
| id |
sg-ntu-dr.10356-60991 |
|---|---|
| record_format |
dspace |
| spelling |
sg-ntu-dr.10356-609912023-07-07T16:14:36Z Internet traffic analysis Gui, Shengyu Tan Yap Peng School of Electrical and Electronic Engineering DRNTU::Engineering::Electrical and electronic engineering::Computer hardware, software and systems This report presents two models that are used to detect the user abnormal behavior and network intrusion respectively. The user abnormal behavior detection model uses the pattern-matching techniques to identify the user. The intrusion detection model detects intrusion based on known intrusion patterns and normal Internet traffic parameters. The process of user abnormality detection is to first collect and analyze user input and internet traffic information, classify the user activities to specific types and build signatures database of each activity type. Then users are identified by those signatures after login. The signature consists of the user input signature and the internet traffic information. The intrusion detection model aims to detect intrusion based on normal internet traffic parameters and operational values. Since Denial-of-service is one of the intrusions that can be easily launched and pose great threat to network and workstations, therefore, the model focus on detecting DOS attack. TCP flood attack and ICMP flood attack are simulated for intrusion detection testing. The functionality of these two models is to provide a more secure working and network environment for individuals continuously. Bachelor of Engineering 2014-06-04T01:37:57Z 2014-06-04T01:37:57Z 2014 2014 Final Year Project (FYP) http://hdl.handle.net/10356/60991 en Nanyang Technological University 66 p. application/pdf |
| institution |
Nanyang Technological University |
| building |
NTU Library |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
NTU Library |
| collection |
DR-NTU |
| language |
English |
| topic |
DRNTU::Engineering::Electrical and electronic engineering::Computer hardware, software and systems |
| spellingShingle |
DRNTU::Engineering::Electrical and electronic engineering::Computer hardware, software and systems Gui, Shengyu Internet traffic analysis |
| description |
This report presents two models that are used to detect the user abnormal behavior and network intrusion respectively. The user abnormal behavior detection model uses the pattern-matching techniques to identify the user. The intrusion detection model detects intrusion based on known intrusion patterns and normal Internet traffic parameters.
The process of user abnormality detection is to first collect and analyze user input and internet traffic information, classify the user activities to specific types and build signatures database of each activity type. Then users are identified by those signatures after login. The signature consists of the user input signature and the internet traffic information.
The intrusion detection model aims to detect intrusion based on normal internet traffic parameters and operational values. Since Denial-of-service is one of the intrusions that can be easily launched and pose great threat to network and workstations, therefore, the model focus on detecting DOS attack. TCP flood attack and ICMP flood attack are simulated for intrusion detection testing.
The functionality of these two models is to provide a more secure working and network environment for individuals continuously. |
| author2 |
Tan Yap Peng |
| author_facet |
Tan Yap Peng Gui, Shengyu |
| format |
Final Year Project |
| author |
Gui, Shengyu |
| author_sort |
Gui, Shengyu |
| title |
Internet traffic analysis |
| title_short |
Internet traffic analysis |
| title_full |
Internet traffic analysis |
| title_fullStr |
Internet traffic analysis |
| title_full_unstemmed |
Internet traffic analysis |
| title_sort |
internet traffic analysis |
| publishDate |
2014 |
| url |
http://hdl.handle.net/10356/60991 |
| _version_ |
1772826008980815872 |