Skip to main content

Research Repository

Advanced Search

Intrusion Detection Using Geometrical Structure

Jamdagni, Aruna; Tan, Zhiyuan; Nanda, Priyadarsi; He, Xiangjian; Liu, Ren

Authors

Aruna Jamdagni

Priyadarsi Nanda

Xiangjian He

Ren Liu



Abstract

We propose a statistical model, namely Geometrical Structure Anomaly Detection (GSAD) to detect intrusion using the packet payload in the network. GSAD takes into account the correlations among the packet payload features arranged in a geometrical structure. The representation is based on statistical analysis of Mahalanobis distances among payload features, which calculate the similarity of new data against pre-computed profile. It calculates weight factor to determine anomaly in the payload. In the 1999 DARPA intrusion detection evaluation data set, we conduct several tests for limited attacks on port 80 and port 25. Our approach establishes and identifies the correlation among packet payloads in a network.

Citation

Jamdagni, A., Tan, Z., Nanda, P., He, X., & Liu, R. (2009, December). Intrusion Detection Using Geometrical Structure. Presented at 2009 Fourth International Conference on Frontier of Computer Science and Technology, Shanghai, China

Presentation Conference Type Conference Paper (published)
Conference Name 2009 Fourth International Conference on Frontier of Computer Science and Technology
Start Date Dec 17, 2009
End Date Dec 19, 2009
Online Publication Date Jan 19, 2010
Publication Date 2009-12
Deposit Date Jun 16, 2017
Publisher Institute of Electrical and Electronics Engineers
Pages 327-333
Book Title Fourth International Conference on Frontier of Computer Science and Technology, 2009. FCST '09
ISBN 9781424454662; 9780769539324
DOI https://doi.org/10.1109/fcst.2009.97
Keywords Intusion Detection; Payload; Geometrical Structure; Mahalanobis Distance; Pattern Recognition
Public URL http://researchrepository.napier.ac.uk/Output/948552






You might also like



Downloadable Citations