Real-time anomaly detection model for worm mails in high-speed network
An Email flow anomaly detection method based on leaky integrate-and-fire model was presented for detecting flow anomaly in the process of mail worm propagation.According to the day period and week period properties of the mail flow,Firstly the Hellinger distance between current mail flow and history...
Saved in:
| Main Authors: | , , , , |
|---|---|
| Format: | Article |
| Language: | zho |
| Published: |
Editorial Department of Journal on Communications
2006-01-01
|
| Series: | Tongxin xuebao |
| Subjects: | |
| Online Access: | http://www.joconline.com.cn/zh/article/74668311/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1841537324113985536 |
|---|---|
| author | LUO Hao FANG Bin-xing YUN Xiao-chun WANG Xin XIN Yi |
| author_facet | LUO Hao FANG Bin-xing YUN Xiao-chun WANG Xin XIN Yi |
| author_sort | LUO Hao |
| collection | DOAJ |
| description | An Email flow anomaly detection method based on leaky integrate-and-fire model was presented for detecting flow anomaly in the process of mail worm propagation.According to the day period and week period properties of the mail flow,Firstly the Hellinger distance between current mail flow and history statistic was calculated,and then integrate the Hellinger distance with Leaky integrate-and-fire method.In this way,the slice variety of flow was accumulated in the mail worm propagation slow start phase to archive the capability of the anomaly detection before the worm enter the fast spread phase.As this method only checks the mail flow information,it is suitable for high speed network mail flow anomaly detection. |
| format | Article |
| id | doaj-art-62f7a2285dd64f17bf3854c8cb446260 |
| institution | Kabale University |
| issn | 1000-436X |
| language | zho |
| publishDate | 2006-01-01 |
| publisher | Editorial Department of Journal on Communications |
| record_format | Article |
| series | Tongxin xuebao |
| spelling | doaj-art-62f7a2285dd64f17bf3854c8cb4462602025-01-14T08:39:49ZzhoEditorial Department of Journal on CommunicationsTongxin xuebao1000-436X2006-01-01354174668311Real-time anomaly detection model for worm mails in high-speed networkLUO HaoFANG Bin-xingYUN Xiao-chunWANG XinXIN YiAn Email flow anomaly detection method based on leaky integrate-and-fire model was presented for detecting flow anomaly in the process of mail worm propagation.According to the day period and week period properties of the mail flow,Firstly the Hellinger distance between current mail flow and history statistic was calculated,and then integrate the Hellinger distance with Leaky integrate-and-fire method.In this way,the slice variety of flow was accumulated in the mail worm propagation slow start phase to archive the capability of the anomaly detection before the worm enter the fast spread phase.As this method only checks the mail flow information,it is suitable for high speed network mail flow anomaly detection.http://www.joconline.com.cn/zh/article/74668311/worm mailanomaly detectionleaky integrate and fire model |
| spellingShingle | LUO Hao FANG Bin-xing YUN Xiao-chun WANG Xin XIN Yi Real-time anomaly detection model for worm mails in high-speed network Tongxin xuebao worm mail anomaly detection leaky integrate and fire model |
| title | Real-time anomaly detection model for worm mails in high-speed network |
| title_full | Real-time anomaly detection model for worm mails in high-speed network |
| title_fullStr | Real-time anomaly detection model for worm mails in high-speed network |
| title_full_unstemmed | Real-time anomaly detection model for worm mails in high-speed network |
| title_short | Real-time anomaly detection model for worm mails in high-speed network |
| title_sort | real time anomaly detection model for worm mails in high speed network |
| topic | worm mail anomaly detection leaky integrate and fire model |
| url | http://www.joconline.com.cn/zh/article/74668311/ |
| work_keys_str_mv | AT luohao realtimeanomalydetectionmodelforwormmailsinhighspeednetwork AT fangbinxing realtimeanomalydetectionmodelforwormmailsinhighspeednetwork AT yunxiaochun realtimeanomalydetectionmodelforwormmailsinhighspeednetwork AT wangxin realtimeanomalydetectionmodelforwormmailsinhighspeednetwork AT xinyi realtimeanomalydetectionmodelforwormmailsinhighspeednetwork |