Anomalous Payload-Based Network Intrusion Detection


We present a payload-based anomaly detector, we call PAYL, for intrusion detection. PAYL models the normal application payload of network traffic in a fully automatic, unsupervised and very effecient fashion. We first compute during a training phase a profile byte frequency distribution and their standard deviation of the application payload flowing to a… (More)
DOI: 10.1007/978-3-540-30143-1_11


11 Figures and Tables


Citations per Year

707 Citations

Semantic Scholar estimates that this publication has 707 citations based on the available data.

See our FAQ for additional information.

Cite this paper

@inproceedings{Wang2004AnomalousPN, title={Anomalous Payload-Based Network Intrusion Detection}, author={Ke Wang and Salvatore J. Stolfo}, booktitle={RAID}, year={2004} }