Radial basis functions for multivariable interpolation: a review
Algorithms for approximation
A resource-allocating network for function interpolation
Neural Computation
Constructive incremental learning from only local information
Neural Computation
How to Increase Security in Mobile Networks by Anomaly Detection
ACSAC '98 Proceedings of the 14th Annual Computer Security Applications Conference
Information-Theoretic Measures for Anomaly Detection
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Defending against flooding-based distributed denial-of-service attacks: a tutorial
IEEE Communications Magazine
Network intrusion and fault detection: a statistical anomaly approach
IEEE Communications Magazine
IEEE Network: The Magazine of Global Internetworking
Internet infrastructure security: a taxonomy
IEEE Network: The Magazine of Global Internetworking
One step ahead to multisensor data fusion for DDoS detection
Journal of Computer Security - Special issue on security track at ACM symposium on applied computing 2004
Journal of Network and Systems Management
Minimizing False Positives of a Decision Tree Classifier for Intrusion Detection on the Internet
Journal of Network and Systems Management
Asset priority risk assessment using hidden markov models
Proceedings of the 10th ACM conference on SIG-information technology education
Topology aware internet traffic forecasting using neural networks
ICANN'07 Proceedings of the 17th international conference on Artificial neural networks
Hi-index | 0.00 |
The information technology advances that provide new capabilities to the network users and providers, also provide powerful new tools for network intruders that intend to launch attacks on critical information resources. In this paper we present a novel network attack diagnostic methodology, based on the characterization of the dynamic statistical properties of normal network traffic. The ability to detect network anomalies and attacks as unacceptable when significant deviations from the expected behavior occurs. Specifically, to provide an accurate identification of the normal network traffic behavior, we first develop an anomaly-tolerant nonstationary traffic prediction technique that is capable of removing both single pulse and continuous anomalies. Furthermore, we introduce and design dynamic thresholds, where we define adaptive anomaly violation conditions as a combined function of both magnitude and duration of the traffic deviations. Finally numerical results are presented that demonstrate the operational effectiveness and efficiency of the proposed approach under the presence of different attacks, such as mail-bombing attacks and UDP flooding attacks.