Performance Evaluation of Network Anomaly Detection Systems

Nowadays, there is a huge and growing concern about security in information and communication technology (ICT) among the scientific community because any attack or anomaly in the network can greatly affect many domains such as national security, private data storage, social welfare, economic issues, and so on. Therefore, the anomaly detection domain is a broad research area, and many different techniques and approaches for this purpose have emerged through the years. Attacks, problems, and internal failures when not detected early may badly harm an entire Network system. Thus, this thesis presents an autonomous profile-based anomaly detection system based on the statistical method Principal Component Analysis (PCADS-AD). This approach creates a network profile called Digital Signature of Network Segment using Flow Analysis (DSNSF) that denotes the predicted normal behavior of a network traffic activity through historical data analysis. That digital signature is used as a threshold for volume anomaly detection to detect disparities in the normal traffic trend. The proposed system uses seven traffic flow attributes: Bits, Packets and Number of Flows to detect problems, and Source and Destination IP addresses and Ports, to provides the network administrator necessary information to solve them. Via evaluation techniques, addition of a different anomaly detection approach, and comparisons to other methods performed in this thesis using real network traffic data, results showed good traffic prediction by the DSNSF and encouraging false alarm generation and detection accuracy on the detection schema. The observed results seek to contribute to the advance of the state of the art in methods and strategies for anomaly detection that aim to surpass some challenges that emerge from the constant growth in complexity, speed and size of today’s large scale networks, also providing high-value results for a better detection in real time.Atualmente, existe uma enorme e crescente preocupação com segurança em tecnologia da informação e comunicação (TIC) entre a comunidade científica. Isto porque qualquer ataque ou anomalia na rede pode afetar a qualidade, interoperabilidade, disponibilidade, e integridade em muitos domínios, como segurança nacional, armazenamento de dados privados, bem-estar social, questões econômicas, e assim por diante. Portanto, a deteção de anomalias é uma ampla área de pesquisa, e muitas técnicas e abordagens diferentes para esse propósito surgiram ao longo dos anos. Ataques, problemas e falhas internas quando não detetados precocemente podem prejudicar gravemente todo um sistema de rede. Assim, esta Tese apresenta um sistema autônomo de deteção de anomalias baseado em perfil utilizando o método estatístico Análise de Componentes Principais (PCADS-AD). Essa abordagem cria um perfil de rede chamado Assinatura Digital do Segmento de Rede usando Análise de Fluxos (DSNSF) que denota o comportamento normal previsto de uma atividade de tráfego de rede por meio da análise de dados históricos. Essa assinatura digital é utilizada como um limiar para deteção de anomalia de volume e identificar disparidades na tendência de tráfego normal. O sistema proposto utiliza sete atributos de fluxo de tráfego: bits, pacotes e número de fluxos para detetar problemas, além de endereços IP e portas de origem e destino para fornecer ao administrador de rede as informações necessárias para resolvê-los. Por meio da utilização de métricas de avaliação, do acrescimento de uma abordagem de deteção distinta da proposta principal e comparações com outros métodos realizados nesta tese usando dados reais de tráfego de rede, os resultados mostraram boas previsões de tráfego pelo DSNSF e resultados encorajadores quanto a geração de alarmes falsos e precisão de deteção. Com os resultados observados nesta tese, este trabalho de doutoramento busca contribuir para o avanço do estado da arte em métodos e estratégias de deteção de anomalias, visando superar alguns desafios que emergem do constante crescimento em complexidade, velocidade e tamanho das redes de grande porte da atualidade, proporcionando também alta performance. Ainda, a baixa complexidade e agilidade do sistema proposto contribuem para que possa ser aplicado a deteção em tempo real

UMSL Bulletin 2020-2021

The 2020-2021 Bulletin and Course Catalog for the University of Missouri St. Louis.https://irl.umsl.edu/bulletin/1084/thumbnail.jp

UMSL Bulletin 2018-2019

The University Bulletin/Course Catalog 2018-2019 Edition.https://irl.umsl.edu/bulletin/1082/thumbnail.jp

UMSL Bulletin 2019-2020

The University Bulletin/Course Catalog 2019-2020 Edition.https://irl.umsl.edu/bulletin/1083/thumbnail.jp

Irreversible Noise: The Rationalisation of Randomness and the Fetishisation of Indeterminacy

This thesis aims to elaborate the theoretical and practical significance of the concept of noise with regard to current debates concerning realism, materialism, and rationality. The scientific conception of noise follows from the developments of thermodynamics, information theory, cybernetics, and dynamic systems theory; hence its qualification as irreversible. It is argued that this conceptualization of noise is entangled in several polemics that cross the arts and sciences, and that it is crucial to an understanding of their contemporary condition. This thesis draws on contemporary scientific theories to argue that randomness is an intrinsic functional aspect at all levels of complex dynamic systems, including higher cognition and reason. However, taking randomness or noise as given, or failing to distinguish between different descriptive levels, has led to misunderstanding and ideology. After surveying the scientific and philosophical context, the practical understanding of randomness in terms of probability theory is elaborated through a history of its development in the field of economics, where its idealization has had its most pernicious effects. Moving from the suppression of noise in economics to its glorification in aesthetics, the experience of noise in the sonic sense is first given a naturalistic neuro-phenomenological explanation. Finally, the theoretical tools developed over the course of the inquiry are applied to the use of noise in music. The rational explanation of randomness in various specified contexts, and the active manipulation of probability that this enables, is opposed to the political and aesthetic tendencies to fetishize indeterminacy. This multi-level account of constrained randomness contributes to the debate by demystifying noise, showing it to be an intrinsic and functionally necessary condition of reason and consequently of freedom

UMSL Bulletin 2021-2022

The 2021-2022 Bulletin and Course Catalog for the University of Missouri St. Louis. This is the July 1, 2021 pdf snapshot version of the University Bulletin and Course Catalog.https://irl.umsl.edu/bulletin/1086/thumbnail.jp

UMSL Bulletin 2017-2018

The University Bulletin/Course Catalog 2017-2018 Edition.https://irl.umsl.edu/bulletin/1081/thumbnail.jp

UMSL Bulletin 2016-2017

https://irl.umsl.edu/bulletin/1080/thumbnail.jp