Recognizing Anomalies/Intrusions in Heterogeneous Networks

In this paper innovative recognition algorithm applied to Intrusion and/or Anomaly Detection System presented. We propose to use Matching Pursuit Mean Projection (MP-MP) of the reconstructed network signal to recognize anomalies/intrusions in network traffic. The practical usability of the proposed approach in the intrusion detection tolerance system (IDTS) in the INTERSECTION project is presented.

[1]  Rafał Renk,et al.  Signal-based Approach to Anomaly Detection in IDS Systems , 2009 .

[2]  Gyungho Lee,et al.  DDoS Attack Detection and Wavelets , 2003, Proceedings. 12th International Conference on Computer Communications and Networks (IEEE Cat. No.03EX712).

[3]  Tomasz Andrysiak,et al.  Image retrieval based on hierarchical Gabor filters , 2005 .

[4]  Alberto Dainotti,et al.  Wavelet-based Detection of DoS Attacks. , 2006 .

[5]  Rémi Gribonval,et al.  Fast matching pursuit with a multiscale dictionary of Gaussian chirps , 2001, IEEE Trans. Signal Process..

[6]  P. Frossard,et al.  Tree-Based Pursuit: Algorithm and Properties , 2006, IEEE Transactions on Signal Processing.

[7]  Paul Barford,et al.  A signal analysis of network traffic anomalies , 2002, IMW '02.

[8]  Lukasz Saganowski,et al.  A Novel Signal-Based Approach to Anomaly Detection in IDS Systems , 2009, ICANNGA.

[9]  Stéphane Mallat,et al.  Matching pursuits with time-frequency dictionaries , 1993, IEEE Trans. Signal Process..

[10]  Antonio Pescapè,et al.  Worm Traffic Analysis and Characterization , 2007, 2007 IEEE International Conference on Communications.

[11]  W. Holubowicz,et al.  Intrusion Detection System Based on Matching Pursuit , 2008, 2008 First International Conference on Intelligent Networks and Intelligent Systems.

[12]  H. T. Kung,et al.  Use of spectral analysis in defense against DoS attacks , 2002, Global Telecommunications Conference, 2002. GLOBECOM '02. IEEE.

[13]  Joel A. Tropp,et al.  Greed is good: algorithmic results for sparse approximation , 2004, IEEE Transactions on Information Theory.

[14]  Simon Pietro Romano,et al.  Evaluating Pattern Recognition Techniques in Intrusion Detection Systems , 2005, PRIS.

[15]  Antonio Pescapè,et al.  NIS04-1: Wavelet-based Detection of DoS Attacks , 2006, IEEE Globecom 2006.

[16]  Anja Feldmann,et al.  A non-instrusive, wavelet-based approach to detecting network performance problems , 2001, IMW '01.