Wavelet-based unwanted traffic time series analysis

Proceedings of the 2008 International Conference on Computer and Electrical Engineering, ICCEE 2008

Volumn , Issue , 2008, Pages 445-449

  Limthong, Kriangkrai ^a   Kensuke, Fukuda ^b   Watanapongse, Pirawat ^a  

^a KASETSART UNIVERSITY   (Thailand)

^b NATIONAL INSTITUTE OF INFORMATICS   (Japan)

Author keywords

[No Author keywords available]

Indexed keywords

DISCRETE WAVELET TRANSFORMS; ELECTRICAL ENGINEERING; SIGNAL PROCESSING; TIME SERIES; TIME SERIES ANALYSIS; TRANSMISSION CONTROL PROTOCOL;

ANOMALOUS ACTIVITIES; CONVENTIONAL METHODS; DARKNET; DISCRETE-WAVELET-TRANSFORM; NETWORK STABILITIES; SIGNAL DECOMPOSITIONS; THREE INTERVALS; TRAFFIC ANOMALIES; UNWANTED TRAFFICS; WAVELET TECHNIQUES; WORK FOCUS;

WAVELET DECOMPOSITION;

EID: 62949245784     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/ICCEE.2008.106     Document Type: Conference Paper

References (30)

1. H.-A. Kim and B. Karp, "Autograph: toward automated, distributed worm signature detection," in SSYM'04: Proceedings of the 13th conference on USENIX Security Symposium. Berkeley, CA, USA: USENIX Association, 2004, pp. 19-19.
2. S. Schechter, J. Jung, and A. W. Berger, "Fast detection of scanning worm infections," in 7th International Symposium on Recent Advances in Intrusion Detection (RAID), French Riviera, France, September 2004.
3. A. Hussain, J. Heidemann, and C. Papadopoulos, "A framework for classifying denial of service attacks," in SIGCOMM '03: Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications. New York, NY, USA: ACM, 2003, pp. 99-110.
4. J. Jung, V. Paxson, A. W. Berger, and H. Balakrishnan, "Fast portscan detection using sequential hypothesis testing," in IEEE Symposium on Security and Privacy 2004, Oakland, CA, May 2004.
5. J. Jung, B. Krishnamurthy, and M. Rabinovich, "Flash crowds and denial of service attacks: characterization and implications for cdns and web sites," in WWW '02: Proceedings of the 11th international conference on World Wide Web. New York, NY, USA: ACM, 2002, pp. 293-304.
6. M. Bailey, E. Cooke, F. Jahanian, A. Myrick, and S. Sinha, "Practical darknet measurement," Information Sciences and Systems, 2006 40th Annual Conference on, pp. 1496-1501, March 2006.
7. D. Moore, C. Shannon, G. M. Voelker, and S. Savage., "Network telescopes," University of California, San Diego, Tech. Rep., July 2004.
8. M. Bailey, E. Cooke, F. Jahanian, and J. Nazario, "The internet motion sensor - a distributed blackhole monitoring system," in NDSS, 2005.
9. R. Pang, V. Yegneswaran, P. Barford, V. Paxson, and L. Peterson, "Characteristics of internet background radiation," in IMC '04: Proceedings of the 4th ACM SIGCOMM conference on Internet measurement. New York, NY, USA: ACM, 2004, pp. 27-40.
10. A. Patcha and J.-M. Park, "An overview of anomaly detection techniques: Existing solutions and latest technological trends," Comput. Netw., vol. 51, no. 12, pp. 3448-3470, 2007.
11. C. Krugel, T. Toth, and E. Kirda, "Service specific anomaly detection for network intrusion detection," in SAC '02: Proceedings of the 2002 ACM symposium on Applied computi ng. New York, NY, USA: ACM, 2002, pp. 201-208.
12. J. M. Estevez-Tapiador, P. Garcia-Teodoro, and J. E. Diaz-Verdejo, "Anomaly detection methods in wired networks: a survey and taxonomy," Computer Communications, vol. 27, no. 16, pp. 1569-1584, Oct. 2004.
13. P. Barford and D. Plonka, "Characteristics of network traffic flow anomalies," in IMW '01: Proceedings of the 1st ACM SIGCOMM Workshop on Internet Measurement. New York, NY, USA: ACM, 2001, pp. 69-73.
14. N. Ye, S. Vilbert, and Q. Chen, "Computer intrusion detection through ewma for autocorrelated and uncorrelated data," Reliability, IEEE Transactions on, vol. 52, no. 1, pp. 75-82, March 2003.
15. S. S. Kim and A. L. N. Reddy, "Statistical techniques for detecting traffic anomalies through packet header data," Networking, IEEE/ACM Transactions on, vol. 16, no. 3, pp. 562-575, June 2008.
16. R. R. Kompella, S. Singh, and G. Varghese, "On scalable attack detection in the network," IEEE/ACM Trans. Netw., vol. 15, no. 1, pp. 14-25, 2007.
17. A. Tartakovsky, B. Rozovskii, R. Blazek, and H. Kim, "A novel approach to detection of intrusions in computer networks via adaptive sequential and batch-sequential change-point detection methods," Signal Processing, IEEE Transactions on, vol. 54, no. 9, pp. 3372-3382, Sept. 2006.
18. G. Dewaele, K. Fukuda, P. Borgnat, P. Abry, and K. Cho, "Extracting hidden anomalies using sketch and non gaussian multiresolution statistical detection procedures," in LSAD '07: Proceedings of the 2007 workshop on Large scale attack defense. New York, NY, USA: ACM, 2007, pp. 145-152.
19. M. Thottan and C. Ji, "Anomaly detection in ip networks," Signal Processing, IEEE Transactions on, vol. 51, no. 8, pp. 2191-2204, Aug. 2003.
20. A. Lakhina, M. Crovella, and C. Diot, "Diagnosing network-wide traffic anomalies," SIGCOMM Comput. Commun, Rev., vol. 34, no. 4, pp. 219-230, 2004.
21. P. Barford, J. Kline, D. Plonka, and A. Ron, "A signal analysis of network traffic anomalies," in IMW '02: Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment. New York, NY, USA: ACM, 2002, pp. 71-82.
22. G. Carl, R. R. Brooks, and S. Rai, "Wavelet based denial-of-service detection," Computers & Security, vol. 25, no. 8, pp. 600-615, Nov. 2006.
23. M. Hamdi and N. Boudriga, "Detecting denial-of-service attacks using the wavelet transform," Comput. Commun., vol. 30, no. 16, pp. 3203-3213, 2007.
24. R. Xunyi, W. Ruchuan, and W. Haiyan, "Wavelet analysis method for detection of DDoS attack on the basis of self-similarity," Frontiers of Electrical and Electronic Engineering in China, vol. 2, no. 1, pp. 73-77, March 2007.
25. W. Lu, M. Tavallaee, and A. A. Ghorbani, "Detecting network anomalies using different wavelet basis functions," cnsr, vol. 0, pp. 149-156, 2008.
26. D. Moore, C. Shannon, and K. Claffy, "Code-red: a case study on the spread and victims of an internet worm," in IMW '02: Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment. New York, NY, USA: ACM, 2002, pp. 273-284.
27. V. Yegneswaran, P. Barford, and V. Paxson, "Using honeynets for internet situational awareness," in In Proc. of the ACM/USENIX Fourth Workshop on Hot Topics in Networks, 2005.
28. P. Soto, "Identifying and modeling unwanted traffic on the internet," Thesis, Massachusetts Institute of Technology, 2006.
29. S. Mallat, A wavelet tour of signal processing. Academic Press, 1999.
30. D. B. Percival and A. T. Walden, Wavelet Methods for Time Series Analysis. Cambridge University Press, 2007.