Signal Processing Applications in Network Intrusion Detection Systems
-
Citation: EURASIP Journal on Advances in Signal Processing 2009 2009:527689
-
Detecting Pulsing Denial-of-Service Attacks with Nondeterministic Attack Intervals
This paper addresses the important problem of detecting pulsing denial of service (PDoS) attacks which send a sequence of attack pulses to reduce TCP throughput. Unlike previous works which focused on a restri...
Citation: EURASIP Journal on Advances in Signal Processing 2009 2009:256821 -
An Adaptive Approach to Granular Real-Time Anomaly Detection
Anomaly-based intrusion detection systems have the ability to detect novel attacks, but when applied in real-time detection, they face the challenges of producing many false alarms and failing to match with th...
Citation: EURASIP Journal on Advances in Signal Processing 2009 2009:589413 -
Multilayer Statistical Intrusion Detection in Wireless Networks
The rapid proliferation of mobile applications and services has introduced new vulnerabilities that do not exist in fixed wired networks. Traditional security mechanisms, such as access control and encryption,...
Citation: EURASIP Journal on Advances in Signal Processing 2008 2009:368589 -
Detecting Network Intrusions Using Signal Processing with Query-Based Sampling Filter
This paper presents a novel approach for training a network intrusion detection system based on a query-based sampling (QBS) filter. The proposed QBS filter applies the concepts of data quantization to signal ...
Citation: EURASIP Journal on Advances in Signal Processing 2008 2009:735283 -
Identifying MMORPG Bots: A Traffic Analysis Approach
Massively multiplayer online role playing games (MMORPGs) have become extremely popular among network gamers. Despite their success, one of MMORPG's greatest challenges is the increasing use of game bots, that...
Citation: EURASIP Journal on Advances in Signal Processing 2008 2009:797159 -
Detecting Distributed Network Traffic Anomaly with Network-Wide Correlation Analysis
Distributed network traffic anomaly refers to a traffic abnormal behavior involving many links of a network and caused by the same source (e.g., DDoS attack, worm propagation). The anomaly transiting in a sing...
Citation: EURASIP Journal on Advances in Signal Processing 2008 2009:752818 -
Network Anomaly Detection Based on Wavelet Analysis
Signal processing techniques have been applied recently for analyzing and detecting network anomalies due to their potential to find novel or unknown intrusions. In this paper, we propose a new network signal ...
Citation: EURASIP Journal on Advances in Signal Processing 2008 2009:837601