Anomalous Payload-Based Network Intrusion Detection

@inproceedings{Wang2004AnomalousPN,
  title={Anomalous Payload-Based Network Intrusion Detection},
  author={Ke Wang and Salvatore J. Stolfo},
  booktitle={RAID},
  year={2004}
}
We present a payload-based anomaly detector, we call PAYL, for intrusion detection. PAYL models the normal application payload of network traffic in a fully automatic, unsupervised and very effecient fashion. We first compute during a training phase a profile byte frequency distribution and their standard deviation of the application payload flowing to a single host and port. We then use Mahalanobis distance during the detection phase to calculate the similarity of new data against the pre… CONTINUE READING
Highly Influential
This paper has highly influenced 113 other papers. REVIEW HIGHLY INFLUENTIAL CITATIONS
Highly Cited
This paper has 781 citations. REVIEW CITATIONS
Recent Discussions
This paper has been referenced on Twitter 3 times over the past 90 days. VIEW TWEETS

Citations

Publications citing this paper.
Showing 1-10 of 511 extracted citations

781 Citations

050'06'09'12'15'18
Citations per Year
Semantic Scholar estimates that this publication has 781 citations based on the available data.

See our FAQ for additional information.

Similar Papers

Loading similar papers…