Show simple item record

dc.contributor.advisorChan, Philip K.
dc.contributor.authorVargiya, Rachna
dc.contributor.authorChan, Philip K.
dc.date.accessioned2013-11-05T20:35:12Z
dc.date.available2013-11-05T20:35:12Z
dc.date.issued2003-06-11
dc.identifier.citationVargiya, R., Chan, P.K. (2003). Boundary detection in tokenizing network application payload for anomaly detection (CS-2003-21). Melbourne, FL. Florida Institute of Technologyen_US
dc.identifier.otherCS-2003-21
dc.identifier.urihttp://hdl.handle.net/11141/128
dc.description.abstractMost of the current anomaly detection methods for network traffic rely on the packet header for studying network traffic behavior. We believe that significant information lies in the payload of the packet and hence it is important to model the payload as well. Since many protocols exist and new protocols are frequently introduced, parsing the payload based on the protocol specification is time-consuming. Instead of relying on the specification, we propose four different characteristics of streams of bytes, which can help us develop algorithms for parsing the payload into tokens. We feed the extracted tokens from the payload to anomaly detection algorithm. Our empirical results indicated that our parsing techniques can extract tokens that can improve the detection rate.en_US
dc.language.isoen_USen_US
dc.rightsCopyright held by authors.en_US
dc.titleBoundary detection in tokenizing network application payload for anomaly detectionen_US
dc.typeTechnical Reporten_US


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record