PhD Forum: A System Identification Approach to Monitoring Network Traffic Security

Title: PhD Forum: A System Identification Approach to Monitoring Network Traffic Security
Publication Type: Conference Paper
Year of Publication: 2015
Authors: Mayo, Q, Bryce, R, Dantu, R
Conference Name: 2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing
Date Published: Nov
Keywords: ARX, ARX model, autoregressive processes, Computational modeling, computer network security, Computer security, cyber system, dynamic system, Electronic mail, intrusion detection system, linear time invariant model, Mathematical model, Models, network traffic security, network traffic stability, Predictive models, Security, Silicon, System Identification, system identification approach, telecommunication traffic
Abstract

Network security is a growing area of interest for cyber systems, especially given the increasing number of attacks on companies each year. Though a vast number of tools are already available, System Identification (SI) complements intrusion detection systems to help manage network traffic stability. SI is the science of building mathematical models of dynamic systems. This paper introduces the use of SI for modeling network traffic and utilizes a linear time invariant model to analyze performance of real connections and attack instances. We generated several ARX models where each represented a different threat state in the network. We utilized the KDD CUP 1999's DARPA dataset to analyze the performance when dealing with different attacks. Results show that the average model fit was 84.14% when determining if the system was experiencing normal traffic. This value is promising because it shows how well the system is able to determine a network state in a given time when fed input.

DOI: 10.1109/CSCloud.2015.85
