Intrusion detection using geometrical structure

Aruna Jamdagni*, Zhiyuan Tan, Priyadarsi Nanda, Xiangjian He, Ren Liu

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference proceeding contributionpeer-review

12 Citations (Scopus)

Abstract

We propose a statistical model, namely Geometrical Structure Anomaly Detection (GSAD) to detect intrusion using the packet payload in the network. GSAD takes into account the correlations among the packet payload features arranged in a geometrical structure. The representation is based on statistical analysis of Mahalanobis distances among payload features, which calculate the similarity of new data against precomputed profile. It calculates weight factor to determine anomaly in the payload. In the 1999 DARPA intrusion detection evaluation data set, we conduct several tests for limited attacks on port 80 and port 25. Our approach establishes and identifies the correlation among packet payloads in a network.

Original languageEnglish
Title of host publication4th International Conference on Frontier of Computer Science and Technology, FCST 2009
Place of PublicationPistacaway, NJ
PublisherInstitute of Electrical and Electronics Engineers (IEEE)
Pages327-333
Number of pages7
ISBN (Electronic)9781424454679
ISBN (Print)9780769539324, 9781424454662
DOIs
Publication statusPublished - 2009
Externally publishedYes
Event4th International Conference on Frontier of Computer Science and Technology, FCST 2009 - Shanghai, China
Duration: 17 Dec 200919 Dec 2009

Other

Other4th International Conference on Frontier of Computer Science and Technology, FCST 2009
Country/TerritoryChina
CityShanghai
Period17/12/0919/12/09

Keywords

  • Geometrical structure
  • Intusion detection
  • Mahalanobis distance
  • Pattern recognition
  • Payload

Fingerprint

Dive into the research topics of 'Intrusion detection using geometrical structure'. Together they form a unique fingerprint.

Cite this