Anomaly-based intrusion detection is a crucial research issue because it makes it possible to identify attacks that do not necessarily have known signatures. However, anomaly-based approaches often consume more resources than those based on misuse detection and have a higher false alarm rate. This paper presents an efficient anomaly analysis method that is proved to be more efficient and less complex than existing techniques. The approach relies on monitoring the security state by using a set of accurate metrics. The Wavelet Transform (WT) is used to decompose these metrics in the time-scale space. Attacks are viewed as Lipschitz singularities that arise at specific points in time. Hence, the anomaly detection process is performed by processing the signals that represent the metrics. The proposed approach is also shown to be extensible to the case where the monitoring points used to gather the measurable features are distributed according to the network topology.