Title
Statistical and signal-based network traffic recognition for anomaly detection
Abstract
In this paper, a framework for recognizing network traffic in order to detect anomalies is proposed. We propose to combine and correlate parameters from different layers in order to detect 0-day attacks and reduce false positives. Moreover, we propose to combine statistical and signal-based features. The major contribution of this paper is a novel framework for network security based on the correlation approach as well as a new signal-based algorithm for intrusion detection on the basis of the Matching Pursuit (MP) algorithm. To the best of our knowledge, we are the first to use MP for intrusion and anomaly detection in computer networks. In the presented experiments, we proved that our solution gives better results than intrusion detection based on discrete wavelet transform. © 2012 Wiley Periodicals, Inc.
Year
2012
DOI
10.1111/j.1468-0394.2010.00576.x
Venue
Expert Systems
Keywords
anomaly detection, signal-based network traffic recognition, novel framework, matching pursuit, new signal-based algorithm, network traffic, network security, signal-based feature, 0-day attack, computer network, intrusion detection, signal processing
Field
Matching pursuit, Data mining, Anomaly detection, Signal processing, Computer science, Network security, Anomaly-based intrusion detection system, Artificial intelligence, Discrete wavelet transform, Intrusion detection system, Machine learning, False positive paradox
DocType
Journal
Volume
29
Issue
3
ISSN
0266-4720
Citations
11
PageRank
0.85
References
12
Authors
4
Name
Order
Citations
PageRank
Michał Choraś112918.82
Lukasz Saganowski2317.51
Rafał Renk3181.94
Witold Holubowicz47015.51