network anomaly
RSS network anomalyFlow Based Network Intrusion Detection System Using Hardware-Accelerated NetFlow Probes
White Paper Current network intrusion detection methods based on anomaly detection approaches suffer from comparatively higher error rate and low performance. Proposed flow based network intrusion... [20 Jun 2009]
Network-Based Intrusion Detection Using Unsupervised Adaptive Resonance Theory (ART)
White Paper The system uses a hybrid of misuse and anomaly detection approaches, so is capable of detecting known attack types as well as new attack types as anomalies. This paper introduces the Unsupervised Neural Net based... [20 Jun 2009]
Detecting Novel Network Intrusions Using Bayes Estimators
White Paper Traditionally, intrusion detection techniques are classified into two broad categories: misuse detection and anomaly detection. From the first appearance of network attacks, the internet worm, to the... [20 Jun 2009]
A Multi-Layered Approach to the Design of Intelligent Intrusion Detection and Prevention System (IIDPS)
White Paper The approach introduced, a multi - layered approach, in which each layer harnesses both aspects of existing approach, signature and anomaly approaches, to achieve a better detection and prevention capabilities. [20 Jun 2009]
Correlation-Based Load Balancing for Network Intrusion Detection and Prevention Systems
White Paper Since anomaly-based detection and prevention of some intrusions, such as Distributed Denial of Service (DDoS) attacks and port scans, require a single system to analyze correlated flows of the attacks, this loss of... [20 Jun 2009]
Anomaly Intrusion Detection System Using Hierarchical Gaussian Mixture Model
White Paper Anomaly-based approaches in Intrusion Detection Systems have the advantage of being able to detect unknown attacks; they look for patterns that deviate from the normal behavior. This paper proposed Hierarchical Gaussian... [20 Jun 2009]
Towards Real-Time Performance Monitoring for Encrypted Traffic
White Paper Network performance monitoring forms an essential component of critical IP network management functions such as troubleshooting, anomaly detection, and Service-Level-Agreement (SLA)... [30 May 2009]
Rule-Based Anomaly Detection on IP Flows
White Paper Rule-based packet classification is a powerful method for identifying traffic anomalies, with network security as a key application area. While popular systems like Snort are used in many network... [29 May 2009]
Anomaly Based Intrusion Detection Based on the Junction Tree Algorithm
White Paper Intrusion detection is the process of monitoring the events occurring in a computer system or network and analyzing them for signs of possible incidents, which are violations or imminent threats of violation of computer... [20 Dec 2008]
An Integrated Network Security Approach: Pairing Detecting Malicious Patterns With Anomaly Detection
White Paper This paper reports on research in progress concerning the integration of different security techniques. A main purpose of the project is to integrate as many security functionality as possible into the firewall. [04 Dec 2008]
Boosting Web Intrusion Detection Systems by Inferring Positive Signatures
White Paper This paper presents a new approach to anomaly-based network intrusion detection for web applications. This approach is based on dividing the input parameters of the monitored web application in two... [29 Nov 2008]
An Adaptively Evolving Intrusion Detection System Using Pattern Recognition Techniques
White Paper Conventional intrusion detection methods in the field of computer security are anomaly detection and misuse detection - the former suffers from high false alarm rates while the latter lacks generalization capabilities... [14 Oct 2008]
Preventing Internet Denial-of-Service With Capabilities
White Paper The paper shows that the approach addresses many of the limitations of the currently popular approaches to DoS based on anomaly detection, traceback, and pushback. This enables verification points distributed around the... [14 Oct 2008]
Fuzzy Network Profiling for Intrusion Detection
White Paper The Fuzzy Intrusion Recognition Engine (FIRE) is an anomaly-based intrusion detection system that uses fuzzy logic to assess whether malicious activity is taking place on a network. It uses simple data... [13 Oct 2008]
An Experimental Analysis of Proactive Detection of Distributed Denial of Service Attacks
White Paper Anomaly methods, on the other hand, work on the basis of network traffic volume and measure abnormal traffic volume. One of the best solutions for anomaly detection of attacks is... [13 Oct 2008]
