In the last few years the number and impact of security attacks over the Internet have been continuously increasing. Since it is impossible to guarantee complete protection to a system by means of the "classical" prevention mechanisms, the use of Intrusion Detection Systems (IDSs) has emerged as a key element in network security. In this paper we address the problem considering some techniques for detecting network anomalies, based on the use of co-occurrence matrices, to model the "normal" behavior of the TCP connections. The performance analysis, shows a comparison among the different solutions, which demonstrates the effectiveness of the proposed methods.

On the Use of Co-Occurrence Matrices for Network Anomaly Detection

CALLEGARI, CHRISTIAN;GIORDANO, STEFANO;PAGANO, MICHELE
2009

Abstract

In the last few years the number and impact of security attacks over the Internet have been continuously increasing. Since it is impossible to guarantee complete protection to a system by means of the "classical" prevention mechanisms, the use of Intrusion Detection Systems (IDSs) has emerged as a key element in network security. In this paper we address the problem considering some techniques for detecting network anomalies, based on the use of co-occurrence matrices, to model the "normal" behavior of the TCP connections. The performance analysis, shows a comparison among the different solutions, which demonstrates the effectiveness of the proposed methods.
9781605585697
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: http://hdl.handle.net/11568/200609
 Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 1
  • ???jsp.display-item.citation.isi??? ND
social impact