Advertisement

Expansion of Matching Pursuit Methodology for Anomaly Detection in Computer Networks

  • Łukasz Saganowski
  • Tomasz Andrysiak
  • Michał Choraś
  • Rafał Renk
Part of the Advances in Intelligent and Soft Computing book series (AINSC, volume 95)

Abstract

In this paper we present further expansion of our matching pursuit methodology for anomaly detection in computer networks. In our previous work we proposed new signal based algorithm for intrusion detection systems based on anomaly detection approach on the basis of the Matching Pursuit algorithm. Hereby, we present further modifications of our methodology and we report improved results on the benchmark data sets.

Keywords

Intrusion Detection Anomaly Detection Intrusion Detection System Gabor Function Match Pursuit Algorithm 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Coppolino, L., D’Antonio, S., Esposito, M., Romano, L.: Exploiting diversity and correlation to improve the performance of intrusion detection systems. In: Proc of IFIP/IEEE International Conference on Network and Service (2009)Google Scholar
  2. 2.
    Saganowski, Ł., Choraś, M., Renk, R., Hołubowicz, W.: A Novel Signal-Based Approach to Anomaly Detection in IDS Systems. In: Kolehmainen, M., Toivanen, P., Beliczynski, B. (eds.) ICANNGA 2009. LNCS, vol. 5495, pp. 527–536. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  3. 3.
    Choraś, M., Saganowski, Ł., Renk, R., Hołubowicz, W.: Statistical and signal-based network traffic recognition for anomaly detection. Expert Systems: The Journal of Knowledge Engineering (2011)Google Scholar
  4. 4.
    Davis, G., Mallat, S., Avellaneda, M.: Adaptive greedy approximations. Journal of Constructive Approximations 13, 57–98 (1987)MathSciNetGoogle Scholar
  5. 5.
    Gilbert, A., Muthukrishnam, S., Strauss, M.J.: Approximation of functions over redundant dictionaries using coherence. In: 14th ACM-SIAM Symposium on Discrete Algorithms (2003)Google Scholar
  6. 6.
    Gabor, D.: Theory of communication. Journals Electrical Enginners 93, 429–457 (1946)Google Scholar
  7. 7.
    Goodwin, M.: Adaptive Signal Models: Theory, Algorithms, and Audio Algorithms. Kluwer, Boston (1998)Google Scholar
  8. 8.
    Natarajan, B.K.: Sparse approximate solutions to linear systems. SIAM Journal of Computation 24, 227–234 (1995)CrossRefzbMATHMathSciNetGoogle Scholar
  9. 9.
    Zhang, M.S.: Matching Pursuit with time-frequency dictionaries. IEEE Transactions on Signal Processing 41(12), 3397–3415 (1993)CrossRefzbMATHGoogle Scholar
  10. 10.
    Jost, P., Vandergheynst, P., Frossard, P.: Tree-Based Pursuit: Algorithm and Properties. Swiss Federal Institute of Technology Lausanne (EPFL), Signal Processing Institute Technical Report, TR-ITS-2005.013 (2005)Google Scholar
  11. 11.
    DeLooze, L.: Attack Characterization and Intrusion Detection using an Ensemble of Self-Organizing Maps. In: IEEE Workshop on Information Assurance United States Military Academy, West Point, NY, pp. 108–115 (2006)Google Scholar
  12. 12.
    Lakhina, A., Crovella, M., Diot, C.H.: Characterization of network-wide anomalies in traffic flows. In: Proceedings of the 4th ACM SIGCOMM conference on Internet measurement, pp. 201–206 (2004)Google Scholar
  13. 13.
    Defense Advanced Research Projects Agency DARPA Intrusion Detection Evaluation Data Set, http://www.ll.mit.edu/mission/communications/ist/corpora/ideval/data/index.html
  14. 14.
    WIDE Project. MAWI Working Group Traffic Archive at tracer.csl.sony.co.jp/mawi/Google Scholar
  15. 15.
    The CAIDA Dataset on the Witty Worm, Colleen Shanon and David Moore (2004), http://www.caida.org/passive/witty
  16. 16.
    Wei, L., Ghorbani, A.: Network Anomaly Detection Based on Wavelet Analysis. EURASIP Journal on Advances in Signal Processing Article ID 837601, 16 (2009), doi:10.1155/2009Google Scholar
  17. 17.
    Troop, J.A.: Greed is Good: Algorithmic Results for Sparse Approximation. IEEE Transactions on Information Theory 50(10) (2004)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Łukasz Saganowski
    • 1
  • Tomasz Andrysiak
    • 1
  • Michał Choraś
    • 1
    • 2
  • Rafał Renk
    • 2
    • 3
  1. 1.Institute of TelecommunicationsUniversity of Technology & Life SciencesBydgoszczPoland
  2. 2.ITTI Ltd.PoznańPoland
  3. 3.Adam Mickiewicz UniversityPoznańPoland

Personalised recommendations