Ten lectures on wavelets
On the self-similar nature of Ethernet traffic (extended version)
IEEE/ACM Transactions on Networking (TON)
Self-similarity in World Wide Web traffic: evidence and possible causes
IEEE/ACM Transactions on Networking (TON)
Mining in a data-flow environment: experience in network intrusion detection
KDD '99 Proceedings of the fifth ACM SIGKDD international conference on Knowledge discovery and data mining
Characteristics of network traffic flow anomalies
IMW '01 Proceedings of the 1st ACM SIGCOMM Workshop on Internet Measurement
A non-instrusive, wavelet-based approach to detecting network performance problems
IMW '01 Proceedings of the 1st ACM SIGCOMM Workshop on Internet Measurement
Statistical Traffic Modeling for Network Intrusion Detection
MASCOTS '00 Proceedings of the 8th International Symposium on Modeling, Analysis and Simulation of Computer and Telecommunication Systems
On the Self-similarity of Synthetic Traffic for the Evaluation of Intrusion Detection Systems
SAINT '03 Proceedings of the 2003 Symposium on Applications and the Internet
Data mining approaches for intrusion detection
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Why machine learning algorithms fail in misuse detection on KDD intrusion detection data set
Intelligent Data Analysis
IEEE Transactions on Systems, Man, and Cybernetics, Part A: Systems and Humans
Wavelet analysis of long-range-dependent traffic
IEEE Transactions on Information Theory
Network traffic analysis using singular value decomposition and multiscale transforms
Information Sciences: an International Journal
Network anomaly detection based on wavelet analysis
EURASIP Journal on Advances in Signal Processing - Special issue on signal processing applications in network intrusion detection systems
Self-similarity based lightweight intrusion detection method for cloud computing
ACIIDS'11 Proceedings of the Third international conference on Intelligent information and database systems - Volume Part II
Hi-index | 0.00 |
The inherent presence of self-similarity in network (LAN, Internet) traffic motivates the applicability of wavelets in the study of ‘burstiness' features of them. Inspired by the methods that use the self-similarity property of a data network traffic as normal behaviour and any deviation from it as the anomalous behaviour, we propose a method for anomaly based network intrusion detection. Making use of the relations present among the wavelet coefficients of a self-similar function in a different way, our method determines the possible presence of not only an anomaly, but also its location in the data. We provide the empirical results on KDD data set to justify our approach.