A non-instrusive, wavelet-based approach to detecting network performance problems
IMW '01 Proceedings of the 1st ACM SIGCOMM Workshop on Internet Measurement
A signal analysis of network traffic anomalies
Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment
Characterization of network-wide anomalies in traffic flows
Proceedings of the 4th ACM SIGCOMM conference on Internet measurement
Network anomaly detection based on wavelet analysis
EURASIP Journal on Advances in Signal Processing - Special issue on signal processing applications in network intrusion detection systems
A novel signal-based approach to anomaly detection in IDS systems
ICANNGA'09 Proceedings of the 9th international conference on Adaptive and natural computing algorithms
Matching pursuits with time-frequency dictionaries
IEEE Transactions on Signal Processing
Greed is good: algorithmic results for sparse approximation
IEEE Transactions on Information Theory
Low-rate and flexible image coding with redundant representations
IEEE Transactions on Image Processing
Matching pursuit video coding .I. Dictionary approximation
IEEE Transactions on Circuits and Systems for Video Technology
Network events correlation for federated networks protection system
ServiceWave'11 Proceedings of the 4th European conference on Towards a service-based internet
Hi-index | 0.00 |
In this paper, a framework for recognizing network traffic in order to detect anomalies is proposed. We propose to combine and correlate parameters from different layers in order to detect 0-day attacks and reduce false positives. Moreover, we propose to combine statistical and signal-based features. The major contribution of this paper is novel framework for network security based on the correlation approach as well as new signal-based algorithm for intrusion detection on the basis of the Matching Pursuit (MP) algorithm. As to our best knowledge, we are the first to use MP for intrusion and anomaly detection in computer networks. In the presented experiments, we proved that our solution gives better results than intrusion detection based on discrete wavelet transform. © 2012 Wiley Periodicals, Inc.