Revista Brasileira de Computação Aplicada (Apr 2011)

Anomaly-based Intrusion Detection in Computer Networks using Wavelets

  • Tiago Perlin,
  • Raul Ceretta Nunes,
  • Alice de Jeuss Kozakevicius

DOI
https://doi.org/10.5335/rbca.2013.1313
Journal volume & issue
Vol. 3, no. 1
pp. 2 – 15

Abstract

Read online

Attacks on computer networks compromise the security of the system and degrade the performance of the network causing problems to users and organizations. Network-based Intrusion Detection Systems are used to detect attacks or malicious activity by analyzing the network traffic. The anomaly-based detection approach is used for intrusion detection. It is assumed that the presence of traffic anomalies, deviations from standard behavior, is indicative of an attack or malfunction. A major difficulty of an anomaly-based Intrusion Detection System is the construction of the profile due to the complexity of network traffic. Methods derived from Signal Analysis, among which, the Wavelet transform, have recently demonstrated applicability in detecting anomalies in network. This tutorial presents the fundamental concepts of intrusion detection and wavelet-based anomaly detection.

Keywords