An unknown input sliding observer for anomaly detection in TCP/IP networks

@article{Rahme2009AnUI,
  title={An unknown input sliding observer for anomaly detection in TCP/IP networks},
  author={Sandy Rahme and Yann Labit and Fr{\'e}d{\'e}ric Gouaisbaut},
  journal={2009 International Conference on Ultra Modern Telecommunications & Workshops},
  year={2009},
  pages={1-7}
}
This paper deals with the issue of anomaly detection in TCP/IP networks based on a control theory approach. Using a previously developed sliding mode observer, an improvement of the anomaly detection and reconstruction is proposed. More specifically, the ability of distinguishing false/true positives and false/true negatives in a prescribed finite time is ensured thanks to the design of an unknown input observer combined to some low pass filters. A high quality of service (QoS) is thus… CONTINUE READING