Preserving authentication and availability security services through Multivariate Statistical Network Monitoring

Sail Soufiane; Roberto Magán-Carrión; Inmaculada Medina-Bulo; Halima Bouden

Abstract:

Nowadays with the fast development of IT’s technologies, new services and applications improved people’s daily life. They are supported by tons of devices that are continuously sharing huge and heterogeneous data. In this challenging scenario, security issues are increasing and several threats arise where network communications and systems are targeted for attacks. In order to counteract against them, new tools and methods need to be proposed. The Multivariate Statistical Network Monitoring (MSNM) is a promising methodology for anomaly detection as demonstrated in several works. In this work, the practical application of this methodology is tested by means of the tool called MSNM-Sensor. Its detection performance is evaluated in common and harmful network attacks included in recently built network datasets. In particular, authentication based and different Denial of Service attack (DoS) types are successfully detected by MSNM-Sensor as two of nowadays relevant and harmful security threats. In comparison to similar state of the art approaches, the MSNM-S outperforms them in almost all the types of DoS and Brute Force attacks considered in this work.

Research areas: