Title
Mining Frequency Content Of Network Traffic For Intrusion Detection
Keywords
Fourier transform; Network intrusion detection; Time series
Abstract
This paper presents a novel network intrusion detection method that searches for frequency patterns within the time series created by network traffic signals. The new strategy is aimed at, but not limited to, detecting DOS and Probe attacks. The detection method is based on the observation that such attacks are most likely driven by scripted code, which often results in periodicity patterns in either the packet streams or the connection arrivals. Thus, by applying Fourier analysis to the time series created by network traffic signals, we can identify whether periodicity patterns exist in the traffic. We demonstrate the effectiveness of this frequency-mining strategy using the synthetic network intrusion data from the DARPA datasets. The experimental results indicate that the proposed intrusion detection strategy is effective in detecting anomalous traffic in large-scale time series data that exhibit patterns over time. Our strategy does not depend on prior knowledge of attack signatures, so it has the potential to supplement signature-based intrusion detection systems (IDS) and firewalls.
Publication Date
12-1-2003
Publication Title
Proceedings of the IASTED International Conference on Communication, Network, and Information Security
Number of Pages
237-242
Document Type
Article; Proceedings Paper
Personal Identifier
scopus
Copyright Status
Unknown
Scopus ID
2642579955 (Scopus)
Source API URL
https://api.elsevier.com/content/abstract/scopus_id/2642579955
STARS Citation
Zhou, Mian and Lang, Sheau Dong, "Mining Frequency Content Of Network Traffic For Intrusion Detection" (2003). Scopus Export 2000s. 1385.
https://stars.library.ucf.edu/scopus2000/1385