Network intrusion detection using wavelet analysis

Authors:
Sanjay Rawat;Challa S. Sastry
Affiliations:
AI Lab, Dept. of Computer and Information Sciences, University of Hyderabad, Hyderabad, India;AI Lab, Dept. of Computer and Information Sciences, University of Hyderabad, Hyderabad, India
Venue:
CIT'04 Proceedings of the 7th international conference on Intelligent Information Technology
Year:
2004

Citing 12
Cited 3

Ten lectures on wavelets

Ten lectures on wavelets
On the self-similar nature of Ethernet traffic (extended version)

IEEE/ACM Transactions on Networking (TON)
Self-similarity in World Wide Web traffic: evidence and possible causes

IEEE/ACM Transactions on Networking (TON)
Mining in a data-flow environment: experience in network intrusion detection

KDD '99 Proceedings of the fifth ACM SIGKDD international conference on Knowledge discovery and data mining
Characteristics of network traffic flow anomalies

IMW '01 Proceedings of the 1st ACM SIGCOMM Workshop on Internet Measurement
A non-instrusive, wavelet-based approach to detecting network performance problems

IMW '01 Proceedings of the 1st ACM SIGCOMM Workshop on Internet Measurement
Statistical Traffic Modeling for Network Intrusion Detection

MASCOTS '00 Proceedings of the 8th International Symposium on Modeling, Analysis and Simulation of Computer and Telecommunication Systems
On the Self-similarity of Synthetic Traffic for the Evaluation of Intrusion Detection Systems

SAINT '03 Proceedings of the 2003 Symposium on Applications and the Internet
Data mining approaches for intrusion detection

SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Why machine learning algorithms fail in misuse detection on KDD intrusion detection data set

Intelligent Data Analysis
Simulation of self-similarity in network utilization patterns as a precursor to automated testing of intrusion detection systems

IEEE Transactions on Systems, Man, and Cybernetics, Part A: Systems and Humans
Wavelet analysis of long-range-dependent traffic

IEEE Transactions on Information Theory

Network traffic analysis using singular value decomposition and multiscale transforms

Information Sciences: an International Journal
Network anomaly detection based on wavelet analysis

EURASIP Journal on Advances in Signal Processing - Special issue on signal processing applications in network intrusion detection systems
Self-similarity based lightweight intrusion detection method for cloud computing

ACIIDS'11 Proceedings of the Third international conference on Intelligent information and database systems - Volume Part II

Quantified Score

Hi-index	0.00

Visualization

Abstract

The inherent presence of self-similarity in network (LAN, Internet) traffic motivates the applicability of wavelets in the study of ‘burstiness' features of them. Inspired by the methods that use the self-similarity property of a data network traffic as normal behaviour and any deviation from it as the anomalous behaviour, we propose a method for anomaly based network intrusion detection. Making use of the relations present among the wavelet coefficients of a self-similar function in a different way, our method determines the possible presence of not only an anomaly, but also its location in the data. We provide the empirical results on KDD data set to justify our approach.