Abstract | ||
---|---|---|
In this paper, a framework for recognizing network traffic in order to detect anomalies is proposed. We propose to combine and correlate parameters from different layers in order to detect 0-day attacks and reduce false positives. Moreover, we propose to combine statistical and signal-based features. The major contribution of this paper is novel framework for network security based on the correlation approach as well as new signal-based algorithm for intrusion detection on the basis of the Matching Pursuit (MP) algorithm. As to our best knowledge, we are the first to use MP for intrusion and anomaly detection in computer networks. In the presented experiments, we proved that our solution gives better results than intrusion detection based on discrete wavelet transform. © 2012 Wiley Periodicals, Inc. |
Year | DOI | Venue |
---|---|---|
2012 | 10.1111/j.1468-0394.2010.00576.x | Expert Systems |
Keywords | Field | DocType |
anomaly detection,signal-based network traffic recognition,novel framework,matching pursuit,new signal-based algorithm,network traffic,network security,signal-based feature,0-day attack,computer network,intrusion detection,signal processing | Matching pursuit,Data mining,Anomaly detection,Signal processing,Computer science,Network security,Anomaly-based intrusion detection system,Artificial intelligence,Discrete wavelet transform,Intrusion detection system,Machine learning,False positive paradox | Journal |
Volume | Issue | ISSN |
29 | 3 | 0266-4720 |
Citations | PageRank | References |
11 | 0.85 | 12 |
Authors | ||
4 |
Name | Order | Citations | PageRank |
---|---|---|---|
Michał Choraś | 1 | 129 | 18.82 |
Lukasz Saganowski | 2 | 31 | 7.51 |
Rafał Renk | 3 | 18 | 1.94 |
Witold Holubowicz | 4 | 70 | 15.51 |