EURASIP Journal on Advances in Signal Processing
Special issue on Signal Processing Applications in Network Intrusion
Detection Systems
In recent years, network intrusion detection has attracted a lot of
attention in the area of network security. Network intrusions cause threat
and damage mainly in two ways. First, the intruders probe, gather, and
deduce sensitive information about target hosts in an effort to gain
unauthorized access to the target hosts and their networks. Second, the
intruders inject huge waves of unwanted packets into the target networks,
aiming to disrupt the normal communications carried on by the target
networks. It is therefore very important to implement appropriate network
intrusion detection systems (NIDSs) to monitor the network and detect the
intrusion before it is too late.
Signal processing techniques have found applications in NIDSs because of
their ability to detect novel intrusions and attacks, which cannot be
achieved by signature-based NIDS. It has been shown that network traffic
possesses the property of self-similarity. Therefore, the objective of
NIDS based on signal processing techniques is to profile the pattern of
normal network traffic or application-level behavior and model intrusions
or unwanted traffic as anomalies. Wavelets, entropy analysis, and data
mining techniques are examples in this regard. However, the major
challenges of the signal processing-based approaches lie in the adaptive
modeling of normal network traffic and the high false alarm rate due to
the inaccuracy of the modeled normal traffic pattern. The emergence of a
variety of wireless networks and the mobility of nodes in such networks
only add to the complexity of the problems.
The goal of this special issue is to introduce state-of-the-art techniques
and encourage research regarding various aspects in the application of
signal processing techniques to network intrusion detection systems. In
particular, the special issue encourages novel solutions that improve the
accuracy and adaptivity of intrusion detection and addresses the
automation of intrusion classification and correlation.
Topics of interest include (but are not limited to):
* Data-mining-based IDS
* Multirate filtering and wavelets
* Monte Carlo methods integration
* Anomalous network traffic modeling
* Anomalous application-level behavior modeling
* Performance analysis and evaluation
* Real-time analysis techniques
* Intrusion correlation
* Automated detection and classification of intrusions and anomalies
* Clustering-based IDS
* Sampling techniques in intrusion detection
* Data streaming algorithms for traffic analysis
* Adaptive detection techniques
* Data fusion in distributed intrusion detection
Authors should follow the EURASIP Journal on Advances in Signal Processing
manuscript format described at the journal site
http://www.hindawi.com/journals/asp/. Prospective authors should submit an
electronic copy of their complete manuscript through the EURASIP Journal
on Advances in Signal Processing Manuscript Tracking System at
http://mts.hindawi.com/ according to the following timetable:
Manuscript Due September 1, 2007
First Round of Reviews December 1, 2007
Publication Date March 1, 2008
Guest Editors:
Chin-Tser Huang, Department of Computer Science and Engineering,
University of South Carolina, Columbia, SC 29208, USA
Rocky K. C. Chang, Department of Computing, The Hong Kong Polytechnic
University, Hung Hom, Kowloon, Hong Kong
Polly Huang, Department of Electrical Engineering, National Taiwan
University, Taipei, Taiwan