• DocumentCode
    2938501
  • Title
    Maximum entropy and payload based intrusion detection system the Me-PAYL
  • Author
    Erhan, Derya ; Harmanci, F. Kerem ; Anarim, Emin

  • Author_Institution
    Elektrik ve Elektron. Muhendisligi Bolumu, Bogazici Univ., Istanbul
  • fYear
    2008
  • fDate
    20-22 April 2008
  • Firstpage
    1
  • Lastpage
    4
  • Abstract
    In this work, a payload-based intrusion detection system that uses the maximum entropy principle, Me-PAYL, is proposed. A network anomaly detection technique that uses sniffed network data and is based on the maximum entropy and relative entropy methods is developed. The advantages of the maximum entropy approach are combined with the PAYL [1] model to obtain greater efficiency. The proposed method, Me-PAYL, is tested with the DARPA 1999 intrusion detection evaluation (IDEVAL) dataset, which is the largest dataset available with whole payloads [2].
  • Keywords
    maximum entropy methods; security of data; DARPA 1999 intrusion detection evaluation dataset; Me-PAYL; maximum entropy principle; network anomaly detection technique; payload-based intrusion detection system; relative entropy methods; Entropy; Histograms; Intrusion detection; Organizing; Payloads; Testing;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Signal Processing, Communication and Applications Conference, 2008. SIU 2008. IEEE 16th
  • Conference_Location
    Aydin
  • Print_ISBN
    978-1-4244-1998-2
  • Electronic_ISBN
    978-1-4244-1999-9
  • Type
    conf
  • DOI
    10.1109/SIU.2008.4632730
  • Filename
    4632730