A Theory for Multiresolution Signal Decomposition: The Wavelet Representation
IEEE Transactions on Pattern Analysis and Machine Intelligence
Wide area traffic: the failure of Poisson modeling
IEEE/ACM Transactions on Networking (TON)
IEEE/ACM Transactions on Networking (TON)
A signal analysis of network traffic anomalies
Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment
The 1998 Lincoln Laboratory IDS Evaluation
RAID '00 Proceedings of the Third International Workshop on Recent Advances in Intrusion Detection
Mining anomalies using traffic feature distributions
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
Denial-of-Service Attack-Detection Techniques
IEEE Internet Computing
Survey of network-based defense mechanisms countering the DoS and DDoS problems
ACM Computing Surveys (CSUR)
Network traffic analysis using singular value decomposition and multiscale transforms
Information Sciences: an International Journal
Detecting Denial-of-Service attacks using the wavelet transform
Computer Communications
Early DoS Attack Detection using Smoothened Time-Series andWavelet Analysis
IAS '07 Proceedings of the Third International Symposium on Information Assurance and Security
Statistical techniques for detecting traffic anomalies through packet header data
IEEE/ACM Transactions on Networking (TON)
Network anomaly detection based on wavelet analysis
EURASIP Journal on Advances in Signal Processing - Special issue on signal processing applications in network intrusion detection systems
A Wavelet Tour of Signal Processing, Third Edition: The Sparse Way
A Wavelet Tour of Signal Processing, Third Edition: The Sparse Way
ACM Computing Surveys (CSUR)
Network Traffic Anomaly Detection Based on Self-Similarity Using HHT and Wavelet Transform
IAS '09 Proceedings of the 2009 Fifth International Conference on Information Assurance and Security - Volume 01
Application of anomaly detection algorithms for detecting SYN flooding attacks
Computer Communications
Toward credible evaluation of anomaly-based intrusion-detection methods
IEEE Transactions on Systems, Man, and Cybernetics, Part C: Applications and Reviews
Histogram-based traffic anomaly detection
IEEE Transactions on Network and Service Management
Adaptive wavelet thresholding for image denoising and compression
IEEE Transactions on Image Processing
Image Denoising by Sparse 3-D Transform-Domain Collaborative Filtering
IEEE Transactions on Image Processing
Hi-index | 0.24 |
We present a new approach for network traffic anomaly detection based on a denoising algorithm that uses wavelet transforms. Using a block-matching technique and considering network traffic as noise, we suppress the traffic in order to detect anomalies. This approach is data-driven in the sense that samples of network traffic determine the amount of background traffic suppression. Therefore, the output of the algorithm is an anomaly that can be easily detected. To improve the performance, the block-matching technique is combined with a method that can detect very short attacks. Results show that attacks can be detected under a variety of conditions.