Analysis of Payload Based Application level Network Anomaly Detection

  title={Analysis of Payload Based Application level Network Anomaly Detection},
  author={Like Zhang and Gregory B. White},
  journal={2007 40th Annual Hawaii International Conference on System Sciences (HICSS'07)},
Most network anomaly detection research is based on packet header fields, while the payload is usually discarded. Preventing unknown attacks and Internet worms has led to a need for application level network anomaly detection. Payload based detection schemes in experiments are often misleading. In this paper, we discuss the problems associated with the experimental results. In the first section, a brief review would be given for application level anomaly detection research. Introduction to… CONTINUE READING

From This Paper

Figures, tables, and topics from this paper.


Publications referenced by this paper.

A Comparative Study of Anomaly Detection Schemes in Network Intrusion Detection

  • A. Lazarevic, L. Ertoz, A Ozgur, J. Srivastava, V. Kumar
  • Proceedings of the 3rd SIAM Conference on Data…
  • 2003
Highly Influential
5 Excerpts

A multi-model approach to the detection of web-based attacks

  • Christopher Kruegel, Giovanni Vigna, W. Robertson
  • Computer Networks,
  • 2005
1 Excerpt

Approaching Zero

  • E. Levy
  • IEEE Security & Privacy Magazine,
  • 2004
2 Excerpts

The MINDS - Minnesota Intrusion Detection System”, Next Generation Data

  • L. Ertoz, E. Eilertson, +4 authors P. Dokas
  • 2004
2 Excerpts

Similar Papers

Loading similar papers…