Journal ArticleDOI

Anomaly-based network intrusion detection: Techniques, systems and challenges

TLDR
The main challenges to be dealt with for the wide-scale deployment of anomaly-based intrusion detectors, with special emphasis on assessment issues, are outlined.
About
This article is published in Computers & Security. The article was published on 2009-02-01. It has received 1712 citations till now. The article focuses on the topics: Anomaly-based intrusion detection system & Intrusion detection system.


Citations
Posted Content

Detection of Deviations in Mobile Applications Network Behavior

TL;DR: Evaluation experiments demonstrate that: (1) various applications have specific network traffic patterns and certain application categories can be distinguishable by their network patterns, and (3) local learning is feasible and has a low performance overhead on mobile devices.
Journal ArticleDOI

Preventing DDoS using Bloom Filter: A Survey

TL;DR: A survey on DDoS defending technique using Bloom Filter is presented in this article, which is a probabilistic data structure for membership query that returns either true or false, and Bloom Filter uses tiny memory to store information of large data.
Posted Content

Towards the Development of Realistic Botnet Dataset in the Internet of Things for Network Forensic Analytics: Bot-IoT Dataset

TL;DR: This work proposes a new dataset, Bot-IoT, which incorporates legitimate and simulated IoT network traffic, along with various types of attacks, and provides the baseline for allowing botnet identification across IoT-specific networks.
Posted Content

Pay for a Sliding Bloom Filter and Get Counting, Distinct Elements, and Entropy for Free

TL;DR: This work presents a unified construction that solves all the above problems in the sliding window model and offers a better space to accuracy tradeoff than the state-of-the-art for each of these individual problems.
Journal ArticleDOI

Network Anomaly Detection inside Consumer Networks—A Hybrid Approach

TL;DR: A hybrid anomaly detection approach is proposed that detects irregularities in the network traffic implicating compromised devices by using only elementary network information like Packet Size, Source, and Destination Ports, Time between subsequent packets, Transmission Control Protocol (TCP) Flags, etc.
References
Journal ArticleDOI

LOF: identifying density-based local outliers

TL;DR: This paper contends that for many scenarios, it is more meaningful to assign to each object a degree of being an outlier, called the local outlier factor (LOF), and gives a detailed formal analysis showing that LOF enjoys many desirable properties.
Book ChapterDOI

Fast effective rule induction

TL;DR: This paper evaluates the recently-proposed rule learning algorithm IREP on a large and diverse collection of benchmark problems, and proposes a number of modifications resulting in an algorithm RIPPERk that is very competitive with C4.5 and C4.5rules with respect to error rates, but much more efficient on large samples.
Book

Outliers in Statistical Data

Vic Barnett, +1 more
TL;DR: In this article, the authors present an updated version of the reference work on outliers, including new areas of study such as outliers in direction data as well as developments in fields such as discordancy tests for univariate and multivariate samples.
Journal ArticleDOI

An Intrusion-Detection Model

TL;DR: A model of a real-time intrusion-detection expert system capable of detecting break-ins, penetrations, and other forms of computer abuse is described, based on the hypothesis that security violations can be detected by monitoring a system's audit records for abnormal patterns of system usage.