In this paper, we present the design and implementation of a new approach for anomaly detection and classification over high-speed networks. This approach is efficient in terms of its scalability, its anomaly detection delays and its ability not only to detect an anomaly but also to provide detailed and accurate information about the ongoing attack (attack type, IP addresses, port numbers, etc.). The proposed approach first reduces the data through flow sampling, focusing mainly on short-lived flows. The second step is a random aggregation of descriptors, such as the number of SYN packets per flow, in two different data structures called Count Min Sketch and Multi-Layer Reversible Sketch. A sequential change...
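The SYN-count aggregation step named in the abstract can be illustrated as follows; this is an added example, not code from the paper. It covers only the Count Min Sketch, and the flow records, the destination IP:port key, the sketch dimensions and the fixed threshold are all constructed assumptions.

```python
import hashlib

class CountMinSketch:
    """depth rows of width counters; each row hashes the key with its own salt."""

    def __init__(self, width=256, depth=4):
        self.width, self.depth = width, depth
        self.rows = [[0] * width for _ in range(depth)]

    def _index(self, row, key):
        digest = hashlib.blake2b(key.encode(), digest_size=8,
                                 salt=row.to_bytes(8, "big")).digest()
        return int.from_bytes(digest, "big") % self.width

    def update(self, key, count=1):
        for r in range(self.depth):
            self.rows[r][self._index(r, key)] += count

    def estimate(self, key):
        # Collisions only add, so the row minimum never undercounts the key.
        return min(self.rows[r][self._index(r, key)] for r in range(self.depth))

def sample_flows():
    """Constructed records: (src_ip, dst_ip, dst_port, syn_packets) per flow."""
    flood = [(f"198.51.100.{i % 250 + 1}", "192.0.2.10", 80, 1) for i in range(600)]
    normal = [(f"203.0.113.{i + 1}", f"192.0.2.{20 + i % 30}", 443, 1) for i in range(90)]
    return flood + normal

def flow_key(flow):
    # Assumed key: destination IP and port (the target of a SYN flood).
    return f"{flow[1]}:{flow[2]}"

def build_sketch(flows, width=256, depth=4):
    cms = CountMinSketch(width, depth)
    for flow in flows:
        cms.update(flow_key(flow), flow[3])
    return cms

def flagged(cms, keys, threshold):
    # A Count-Min Sketch cannot list its keys, so candidates are passed in.
    return sorted(k for k in keys if cms.estimate(k) >= threshold)

if __name__ == "__main__":
    flows = sample_flows()
    cms = build_sketch(flows)
    print(flagged(cms, {flow_key(f) for f in flows}, threshold=100))
```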
Global-scale attacks like viruses and worms are increasing in frequency, severity and sophistication...
Despite a Network Anomaly Detection System (NADS) being capable of detecting existing and zero-day a...
Abstract — Currently, flow-level anomaly detection systems get widely deployed in ISP networks to pr...
Abstract: New datamining techniques are developed for generating frequent episode rules of traffic e...
The spread of 1-10Gbps technology has in recent years paved the way to a flourishing landscape of ne...
Abstract. This paper provides a new framework for efficient detection and identification of network ...
This paper provides a new framework for efficient detection and identification...
Abstract—In this paper, we propose an efficient framework for online detection and identification of...
Over the past decade, numerous systems have been proposed to detect and subsequently prevent or miti...
Denial of Service (DoS) attacks do not attempt to break into computer systems but aim to the disrupt...
Traditional Intrusion Detection approaches rely on the inspection of individual packets, often refer...
Traditional Intrusion Detection approaches rely on the inspection of individual packets, often refer...
Anomaly detection in computer networks yields valuable information on events relating to the compone...
The goal of intrusion detection is to identify attempted or ongoing attacks on a computer system or ...
Abstract—Detecting anomalies during the operation of a network is an important aspect of network man...