The Use of Packet Header Anomaly Detection in Lossy Network Traffic Compression for Network Intrusion Detection Applications

Sidney C. Smith &
This report describes efforts to employ a packet header anomaly detection algorithm to measure how unusual each packet is. A compression tool is written that compares this measure against a threshold, keeping only that traffic that is more unusual than the threshold. The Snort network intrusion detection tool is run against the data set to establish a baseline of alerts. It is then run against the compressed data set to discover how many alerts were...
This data repository is not currently reporting usage information. For information on how your repository can submit usage information, please see our documentation.