A non-instrusive, wavelet-based approach to detecting network performance problems
IMW '01 Proceedings of the 1st ACM SIGCOMM Workshop on Internet Measurement
A signal analysis of network traffic anomalies
Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment
Intrusion Detection System Based on Matching Pursuit
ICINIS '08 Proceedings of the 2008 First International Conference on Intelligent Networks and Intelligent Systems
Fast matching pursuit with a multiscale dictionary of Gaussianchirps
IEEE Transactions on Signal Processing
Greed is good: algorithmic results for sparse approximation
IEEE Transactions on Information Theory
Statistical and signal-based network traffic recognition for anomaly detection
Expert Systems: The Journal of Knowledge Engineering
Hi-index | 0.00 |
In this paper we present our original methodology, in which Matching Pursuit is used for networks anomaly and intrusion detection. The architecture of anomaly-based IDS based on signal processing is presented. We propose to use mean projection of the reconstructed network signal to determine if the examined trace is normal or attacked. Experimental results confirm the efficiency of our method in worm detection scenario. The practical usability of the proposed approach in the intrusion detection tolerance system (IDTS) in the INTERSECTION project is presented.