Abstract
In this paper, a novel behavioral method for detection of attacks on a network is presented. The main idea is to decompose a traffic into smaller subsets that are analyzed separately using various mechanisms. After analyses are performed, results are correlated and attacks are detected. Both the decomposition and chosen analytical mechanisms make this method highly parallelizable. The correlation mechanism allows to take into account results of detection methods beside the aspect-based detection.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Li, Z., Gaoa, Y., Chen, Y.: HiFIND: A high-speed flow-level intrusion detection approach with DoS resiliency. Computer Networks 54(8), 1282–1299 (2010)
Lakhina, A., Crovella, M., Diot, C.: Anomaly Detection via Over-Sampling Principal Component Analysis Studies. Computational Intelligence 199, 449–458 (2009)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Drašar, M., Vykopal, J., Krejčí, R., Čeleda, P. (2010). Aspect-Based Attack Detection in Large-Scale Networks. In: Jha, S., Sommer, R., Kreibich, C. (eds) Recent Advances in Intrusion Detection. RAID 2010. Lecture Notes in Computer Science, vol 6307. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-15512-3_27
Download citation
DOI: https://doi.org/10.1007/978-3-642-15512-3_27
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-15511-6
Online ISBN: 978-3-642-15512-3
eBook Packages: Computer ScienceComputer Science (R0)