Detection of traffic anomalies in multi-service networks based on a fuzzy logical inference

Abstract

Methods and algorithms for detection of traffic anomalies in multi-service networks play a key role in creating the malware intrusion detection and prevention systems in modern communication infrastructures. The major requirement imposed to such systems is the ability to find anomalies and, respectively, intrusions in real time. Complexity of this problem is caused in many ways by incompleteness, discrepancy and variety of distribution laws at streams in a multi-service traffic. The paper represents a new technique for traffic anomaly detection in multiservice networks. It is based on using modified adaptation algorithms without identification and fuzzy logical inference rules. Results of an experimental assessment of the technique are discussed.