FAQ
T_LOGIN Zaloguj się

Nie masz jeszcze konta?

T_REGISTER Zarejestruj się

Schedae Informaticae

logo of Jagiellonian University in Krakow

Search results

simple search

search np. “cognitive architectures” AND 1993-200 NOT Urban
advanced search
ex. 1234-6789
ex. 10.4467/16890027AP.16.022.6009
ex. Uniwersytet Jagielloński

Incoherent Dictionary Learning for Sparse Representation in Network Anomaly Detection

Publication date: 11.04.2016

Schedae Informaticae, 2015, Volume 24, pp. 63-71

https://doi.org/10.4467/20838476SI.15.006.3028

Authors

,
Tomasz Andrysiak
UTP University of Science and Technology Institute of Telecommunications
Contact with author
All publications →
Łukasz Saganowski
UTP University of Science and Technology Institute of Telecommunications
Contact with author
All publications →

Download full text

Download PDF PDF
Print print Cite cite Share share

Titles

Incoherent Dictionary Learning for Sparse Representation in Network Anomaly Detection

Abstract

In this article we present the use of sparse representation of a signal and incoherent dictionary learning method for the purpose of network traffic analysis. In learning process we use 1D INK-SVD algorithm to detect proper dictionary structure. Anomaly detection is realized by parameter estimation of the analyzed signal and its comparative analysis to network traffic profiles. Efficiency of our method is examined with the use of extended set of test traces from real network traffic. Received experimental results confirm effectiveness of the presented method.

Keywords

References

Download references

[1] Chora´s M., Saganowski L ., Renk R., Hol ubowicz W., Statistical and signal-based network traffic recognition for anomaly detection. Expert Systems, 2012, 29(3), pp. 232–245.

[2] Garcia-Teodoro P., Diaz-Verdejo J., Maci´a-Fern´andez G., V´azquez E., Anomalybased network intrusion detection: Techniques, systems and challenges. Computers & security, 2009, 28(1), pp. 18–28.

[3] Saganowski L ., Goncerzewicz M., Andrysiak T., Anomaly detection preprocessor for snort ids system. In: Image Processing and Communications Challenges 4. Springer 2013, pp. 225–232.

[4] FP7 INTERSECTION Project, Deliverable d.2.1: Solutions for securing heterogeneous networks: A state of the art analysis.

[5] Hwang K., Cai M., Chen Y., Qin M., Hybrid intrusion detection with weighted signature generation over anomalous internet episodes. Dependable and Secure Computing, IEEE Transactions on, 2007, 4(1), pp. 41–55.

[6] Mallat S.G., Zhang Z., Matching pursuits with time-frequency dictionaries. Signal Processing, IEEE Transactions on, 1993, 41(12), pp. 3397–3415.

[7] Pati Y.C., Rezaiifar R., Krishnaprasad P., Orthogonal matching pursuit: Recursive function approximation with applications to wavelet decomposition. In: Signals, Systems and Computers, 1993. 1993 Conference Record of the TwentySeventh Asilomar Conference on, IEEE, 1993, pp. 40–44.

[8] Davis G., Mallat S., Avellaneda M., Adaptive greedy approximations. Constructive approximation, 1997, 13(1), pp. 57–98.

[9] Tropp J.A., Greed is good: Algorithmic results for sparse approximation. Information Theory, IEEE Transactions on, 2004, 50(10), pp. 2231–2242.

[10] Gribonval R., Fast matching pursuit with a multiscale dictionary of Gaussian chirps. Signal Processing, IEEE Transactions on, 2001, 49(5), pp. 994–1001.

[11] Elad M., From Exact to Approximate Solutions. In: Sparse and Redundant Representations: From Theory to Applications in Signal and Image Processing. Springer, New York, 2010 pp. 79–109.

[12] Aharon M., Elad M., Bruckstein A., K-svd: An algorithm for designing overcomplete dictionaries for sparse representation. Signal Processing, IEEE Transactions on, 2006, 54(11), pp. 4311–4322.

[13] Barchiesi D., Plumbley M.D., Learning incoherent dictionaries for sparse approximation using iterative projections and rotations. Signal Processing, IEEE Transactions on, 2013, 61(8), pp. 2055–2065.

[14] Snort – intrusion detection system. https://www.snort.org/, Accessed: 2014-1230.

[15] Dainotti A., Pescap´e A., Ventre G., Wavelet-based detection of dos attacks. In: Global Telecommunications Conference, 2006. GLOBECOM’06. IEEE, IEEE, 2006, pp. 1–6.

[16] Kali linux. https://www.kali.org/, Accessed: 2014-12-30.

[17] Defense advanced research projects agency darpa intrusion detection evaluation data set. http://www.ll.mit.edu/mission/communications/ist/corpora/ideval/data/index.html, Accessed: 2014-12-30.

Information

Information: Schedae Informaticae, 2015, Volume 24, pp. 63-71

Article type: Original article

Authors

UTP University of Science and Technology Institute of Telecommunications

UTP University of Science and Technology Institute of Telecommunications

Published at: 11.04.2016

Article status: Open

Licence: None

Percentage share of authors:

Tomasz Andrysiak (Author) - 50%
Łukasz Saganowski (Author) - 50%

Article corrections:

-

Publication languages:

English

View count: 2553

Number of downloads: 1686

<p>Incoherent Dictionary Learning for Sparse Representation in Network Anomaly Detection</p>
Download PDF Download xml

Incoherent Dictionary Learning for Sparse Representation in Network Anomaly Detection

cytuj

Download PDF Pobierz

pobierz pliki

RIS BIB ENDNOTE