In this paper we present a tool for network anomaly detection and network intelligence, which we named ULISSE. It uses a two-tier architecture with unsupervised learning algorithms to perform network intrusion and anomaly detection. ULISSE combines clustering of packet payloads with correlation of anomalies in the packet stream. We describe the experiments we conducted on this architecture, give performance results, and compare our results with those of comparable existing systems.