Neue Verfahren zur Anomalie-Erkennung in IP-Netzen.

Roland Kwitt (2005): Neue Verfahren zur Anomalie-Erkennung in IP-Netzen. Fachhochschule Salzburg: Diplomarbeit

This thesis presents a disquisition on dynamic anomaly detection in IP-networks. The
first part contains a treatment of a selection of representative approaches in the research
field of anomaly detection and provides a summary of the mathematical basics.
In the second part of the work, we introduce a new, two-step approach towards anomaly
detection, consisting of statistical analysis and machine learning. All concepts
are treated step by step on a likewise theoretical and practical basis. Resting upon
this new approach, we show encouraging anomaly detection results with respect to a
popular intrusion detection data set. Last but not least, we focus on a runtime analysis
of the employed algorithms, exemplified by profling results. The work is completed by
an outlook on possible enhancements and a summarization of the main outcomes.

Newsletter
Erhalten Sie viermal jährlich unseren postalischen Newsletter sowie Einladungen zu Veranstaltungen. Kostenlos abonnieren.

Kontakt
Salzburg Research Forschungsgesellschaft
Jakob Haringer Straße 5/3
5020 Salzburg, Austria