PAID: Packet Analysis for Anomaly Intrusion Detection

Lee, Kuo-Chen; Chang, Jason; Chen, Ming-Syan

doi:10.1007/978-3-540-68125-0_58

Cited by 5 publications

(5 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The normal behaviour of packets is profiled based on the protocol being employed (TCP, UDP, ICMP); this model outperforms the normal PHAD approach. Other works used different algorithms like PAID [39], which employs Bayesian and feature extraction methods for anomaly detection, and LNID [40]. The most recent modification for the PHAD was to update the normal profile, which the researchers did in [41].…”

Section: Related Workmentioning

confidence: 99%

Intrusion Detection Using Statistical Classifier Based on Packet Header Analysis

Malarkodi,

K G

et al. 2023

Preprint

View full text Add to dashboard Cite

Section: Related Workmentioning

confidence: 99%

Intrusion Detection Using Statistical Classifier Based on Packet Header Analysis

Malarkodi,

K G

et al. 2023

Preprint

View full text Add to dashboard Cite

“…Another packet header anomaly detection, PAID (Lee, 2008) performed packet analysis for intrusion detection. PAID uses the Bayesian and feature extraction approach, as compared to PHAD and PbPHAD.…”

Section: Related Workmentioning

confidence: 99%

“…In this work, we focus on anomaly detection in HIDS using statistical analysis. Although many work have been done in the statistical-based anomaly detection, such as (Mahoney, 2001, Solahuddin, 2008, Lee, 2008, Rehman, 2012, Yingbing, 2012, Carlos, 2012& Xiong, 2013 and many more, increasing the attack detection rate is still a significant research issue especially with the excessive increase of numerous intrusions over the past decades.…”

Section: Introductionmentioning

confidence: 99%

Packet Header Anomaly Detection Using Statistical Analysis

Yassin

Udzir

Abdullah

et al. 2014

Advances in Intelligent Systems and Computing

View full text Add to dashboard Cite

Abstract. The disclosure of network packets to recurrent cyber intrusion has upraised the essential for modelling various statistical-based anomaly detection methods lately. Theoretically, the statistical-based anomaly detection method fascinates researcher's attentiveness, but technologically, the fewer intrusion detection rates persist as vulnerable disputes. Thus, a Host-based Packet Header Anomaly Detection (HbPHAD) model that is proficient in pinpoint suspicious packet header behaviour based on statistical analysis is proposed in this paper. We perform scoring mechanism using Relative Percentage Ratio (RPR) in scheming normal scores, desegregate Linear Regression Analysis (LRA) to distinguish the degree of packets behaviour (i.e. fit to be suspicious or not suspicious) and Cohen's-d (effect size) dimension to pre-define the finest threshold. HbPHAD is an effectual resolution for statistical-based anomaly detection method in pinpoint suspicious behaviour precisely. The experiment validate that HbPHAD is effectively in correctly detecting suspicious packet at above 90% as an intrusion detection rate for both ISCX 2012 and is capable to detect 40 attack types from DARPA 1999 benchmark dataset.

show abstract

“…Packet Analysis Anomaly Intrusion Detection (PAID) performs packet analysis in detecting intrusion [13]. Compared to PHAD and PbPHAD, PAID approaches use feature extraction and Bayesian analysis where packet features are transformed from continuous to discrete values before being fed into a Naïve Bayes Classifier.…”

Section: Related Workmentioning

confidence: 99%

“…Packet Header Anomaly Detection (PHAD) has attracted the attention of numerous researchers [9], [13], [14], [15], [16]. In PHADs, packet characteristics and behaviours are used to identify unusual behavior.…”

Section: Related Workmentioning

confidence: 99%