IEEE Transactions on Software Engineering - Special issue on computer security and privacy
Intrusion detection with neural networks
NIPS '97 Proceedings of the 1997 conference on Advances in neural information processing systems 10
Temporal sequence learning and data reduction for anomaly detection
ACM Transactions on Information and System Security (TISSEC)
Towards a taxonomy of intrusion-detection systems
Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on computer network security
The base-rate fallacy and the difficulty of intrusion detection
ACM Transactions on Information and System Security (TISSEC)
Flash crowds and denial of service attacks: characterization and implications for CDNs and web sites
Proceedings of the 11th international conference on World Wide Web
Multivariate Statistical Analysis of Audit Trails for Host-Based Intrusion Detection
IEEE Transactions on Computers
Machine Learning
A Sense of Self for Unix Processes
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
A data mining framework for constructing features and models for intrusion detection systems (computer security, network security)
Protocol Analysis in Intrusion Detection Using Decision Tree
ITCC '04 Proceedings of the International Conference on Information Technology: Coding and Computing (ITCC'04) Volume 2 - Volume 2
Viruses: Low volume viruses: new tools for criminals
Network Security
Hierarchical Kohonenen net for anomaly detection in network security
IEEE Transactions on Systems, Man, and Cybernetics, Part B: Cybernetics
Network intrusion and fault detection: a statistical anomaly approach
IEEE Communications Magazine
Internet infrastructure security: a taxonomy
IEEE Network: The Magazine of Global Internetworking
DDoS attacks detection model and its application
WSEAS Transactions on Computers
A method of run-time detecting DDos attacks
ICCOMP'08 Proceedings of the 12th WSEAS international conference on Computers
Predictive network anomaly detection and visualization
IEEE Transactions on Information Forensics and Security
ICICS'11 Proceedings of the 13th international conference on Information and communications security
Evaluation on multivariate correlation analysis based denial-of-service attack detection system
Proceedings of the First International Conference on Security of Internet of Things
Hi-index | 0.01 |
Detecting multiple and various network intrusions is essential to maintain the reliability of network services. The problem of network intrusion detection can be regarded as a pattern recognition problem. Traditional detection approaches neglect the correlation information contained in groups of network traffic samples which leads to their failure to improve the detection effectiveness. This paper directly utilizes the covariance matrices of sequential samples to detect multiple network attacks. It constructs a covariance feature space where the correlation differences among sequential samples are evaluated. Two statistical supervised learning approaches are compared: a proposed threshold based detection approach and a traditional decision tree approach. Experimental results show that both achieve high performance in distinguishing multiple known attacks while the threshold based detection approach offers an advantage of identifying unknown attacks. It is also pointed out that utilizing statistical information in groups of samples, especially utilizing the covariance information, will benefit the detection effectiveness.