dc.contributor.author | Perona Balda, Iñigo | |
dc.contributor.author | Gurrutxaga Goikoetxea, Ibai | |
dc.contributor.author | Arbelaiz Gallego, Olatz | |
dc.contributor.author | Martín Aramburu, Jose Ignacio | |
dc.contributor.author | Muguerza Rivero, Javier Francisco | |
dc.contributor.author | Pérez de la Fuente, Jesús María | |
dc.date.accessioned | 2025-01-14T18:08:42Z | |
dc.date.available | 2025-01-14T18:08:42Z | |
dc.date.issued | 2008-11-27 | |
dc.identifier.citation | Data Mining & Analytics 2008: Proceedings of the 7th Australasian Data Mining Conference (AusDM 2008) 87 : 171-178 (2008) | es_ES |
dc.identifier.isbn | 978-1-920682-68-2 | |
dc.identifier.uri | http://hdl.handle.net/10810/71399 | |
dc.description.abstract | The popularity of computer networks broadens the scope for network attackers and increases the damage these attacks can cause. In this context, Intrusion Detection Systems (IDS) are included as part of any complete security package. This work focuses on nIDSs which work by scanning the network traffic. A service-independent payload processing approach is presented to increase detection rates in non-flood attacks. Three different techniques for payload processing are proposed and they are shown to be able to efficiently detect some of the attack types. Moreover, the proper integration of the knowledge of the different techniques, payload-based and packet header-based, always improves the results. This work leads us to conclude that payload analysis can be used in a general manner, with no service- or port-specific modelling, to detect attacks in network traffic. | es_ES |
dc.description.sponsorship | This work was partly funded by the Diputación Foral de Gipuzkoa and the European Union. | es_ES |
dc.language.iso | eng | es_ES |
dc.publisher | ACM | es_ES |
dc.rights | info:eu-repo/semantics/openAccess | es_ES |
dc.subject | Intrusion detection systems | es_ES |
dc.subject | unsupervised anomaly detection | es_ES |
dc.subject | payload | es_ES |
dc.title | Service-independent payload analysis to improve intrusion detection in network traffic | es_ES |
dc.type | info:eu-repo/semantics/conferenceObject | es_ES |
dc.rights.holder | © 2008, Australian Computer Society published in association with the ACM | es_ES |
dc.relation.publisherversion | https://dl.acm.org/doi/10.5555/2449288.2449315 | es_ES |
dc.identifier.doi | 10.5555/2449288.2449315 | |
dc.departamentoes | Ciencia de la computación e inteligencia artificial | es_ES |
dc.departamentoeu | Konputagailuen Arkitektura eta Teknologia | es_ES |