Boundary Detection in Tokenizing Network Application Payload for Anomaly Detection

@inproceedings{Vargiya2003BoundaryDI,
  title={Boundary Detection in Tokenizing Network Application Payload for Anomaly Detection},
  author={Rachna Vargiya and Philip Chan},
  year={2003}
}
Most of the current anomaly detection methods for network traffic rely on the packet header for studying network traffic behavior. We believe that significant information lies in the payload of the packet and hence it is important to model the payload as well. Since many protocols exist and new protocols are frequently introduced, parsing the payload based on the protocol specification is time-consuming. Instead of relying on the specification, we propose four different characteristics of… CONTINUE READING
Highly Cited
This paper has 35 citations. REVIEW CITATIONS

Similar Papers

Loading similar papers…