A Wavelet Entropy-Based Change Point Detection on Network Traffic: A Case Study of Heartbleed Vulnerability

Bibliographic Details
Published in: 2014 IEEE 6th International Conference on Cloud Computing Technology and Science, pp. 995-1000
Main Authors: Chonho Lee, Liu Yi, Li-Hau Tan, Weihan Goh, Bu-Sung Lee, Chai-Kiat Yeo
Format: Conference Proceeding
Language: English
Published: IEEE 01-12-2014
Description
Summary: This paper investigates network traffic before and after a vulnerability called Heartbleed becomes a public issue around March to May, 2014. To detect anomalies and potential threats due to the vulnerability, a wavelet entropy-based change-point detection method is proposed and compared with three other methods: prediction-based, clustering-based and Fourier transform-based. We show that the proposed wavelet entropy-based method outperforms the others in terms of ease of parameter setting, false alarm and detection accuracy. Using the proposed method and a visualization tool, we have studied the Heartbleed vulnerability and successfully captured changes in packet volume and flow.
DOI: 10.1109/CloudCom.2014.78