A two-tier system for web attack detection using linear discriminant method

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 6476 LNCS, Issue , 2010, Pages 459-471

  Tan, Zhiyuan ^a   Jamdagni, Aruna ^a,b   He, Xiangjian ^a   Nanda, Priyadarsi ^a   Liu, Ren Ping ^b   Jia, Wenjing ^a   Yeh, Wei Chang ^c  

^a UNIVERSITY OF TECHNOLOGY SYDNEY   (Australia)

^b CSIRO   (Australia)

^c NATIONAL TSING HUA UNIVERSITY   (Taiwan)

Author keywords

Feature selection; Intrusion detection; Linear discriminant method; Packet payload; Web based attack

Indexed keywords

COMPUTATIONAL COSTS; DATA SETS; FEATURE SELECTION; FEATURE SPACE; FINAL DECISION; HIGH-DIMENSIONAL FEATURE SPACE; INTRUSION DETECTION SYSTEMS; LINEAR DISCRIMINANTS; NETWORK ATTACK; PACKET PAYLOADS; STATISTICAL SIGNATURES; WEB ATTACKS; WEB-BASED ATTACKS; WORST CASE; LOW DIMENSIONAL;

COMPUTER CRIME; COST REDUCTION; FEATURE EXTRACTION; NETWORK SECURITY; COSTS; MERCURY (METAL); WEBSITES;

INTRUSION DETECTION;

EID: 78650910973     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/978-3-642-17650-0_32     Document Type: Conference Paper

References (17)

1. Corporation, M.: Common vulnerabilities and exposures, http://cve.mitre.org/ (accessed June 16, 2006)
2. Kay, J.: Low Volume Viruses: New Tools for Criminals. Network Security, 16-18 (2005)
3. Denning, D.E.: An Intrusion-detection Model. IEEE Transactions on Software Engineering, 222-232 (2006)
4. TippingPoint, http://www.tippingpoint.com/
5. Paxson, V.: Bro: A System for Detecting Network Intruders in Real-time. Computer Networks 31, 2435-2463 (1999)
6. Patcha, A., Park, J.M.: An Overview of Anomaly Detection Techniques: Existing Solutions and Latest Technological Trends. Computer Networks 51, 3448-3470 (2007) (Pubitemid 46921030)
7. Wang, K., Stolfo, S.J.: Anomalous Payload-based Network Intrusion Detection. In: Jonsson, E., Valdes, A., Almgren, M. (eds.) RAID 2004. LNCS, vol. 3224, pp. 203-222. Springer, Heidelberg (2004)
8. Mahoney, M.V.: Network Traffic Anomaly Detection Based on Packet Bytes. In: The 2003 ACM Symposium on Applied Computing, pp. 346-350. ACM, New York (2003)
9. Shih, H.C., Ho, J.H., Chang, C.P., Pan, J.S., Liao, B.Y., Kuo, T.H.: Detection of Network Attack and Intrusion Using PCA-ICA. In: 3rd International Conference on Innovative Computing Information and Control, p. 564(2008)
10. Singh, S., Silakari, S.: Generalized Discriminant Analysis Algorithm for Feature Reduction in Cyber Attack Detection System. International Journal of Computer Science and Information Security 6, 173-180 (2009)
11. Chen, Y., Li, Y., Cheng, X.Q., Guo, L.: Survey and Taxonomy of Feature Selection Algorithms in Intrusion Detection System. In: Lipmaa, H., Yung, M., Lin, D. (eds.) Inscrypt 2006. LNCS, vol. 4318, pp. 153-167. Springer, Heidelberg (2006)
12. Krugel, C., Toth, T., Kirda, E.: Service Specific Anomaly detection for Network Intrusion Detection. In: The 2002 ACM Symposium on Applied Computing, pp. 201-208. ACM, New York (2002)
13. Wang, K., Parekh, J., Stolfo, S.: Anagram: A Content Anomaly Detector Resistant to Mimicry Attack. In: Zamboni, D., Krügel, C. (eds.) RAID 2006. LNCS, vol. 4219, pp. 226-248. Springer, Heidelberg (2006)
14. Nwanze, N., Summerville, D.: Detection of Anomalous Network Packets Using Lightweight Stateless Payload Inspection. In: The 33rd IEEE Conference on Local Computer Networks, pp. 911-918 (2008)
15. Tan, Z., Jamdagni, A., Nanda, P., He, X.: Network Intrusion Detection Based on LDA for Payload Feature Selection. In: IEEE Globecom 2010 Workshop on Web and Pervasive Security, pp. 1-5. IEEE Press, Los Alamitos (2010) (to appear)
16. Jamdagni, A., Tan, Z., Nanda, P., He, X., Liu, R.: Intrusion Detection Using GSAD Model for HTTP Traffic on Web Services. In: The 6th International Wireless Communications and Mobile Computing Conference, pp. 1193-1197. ACM, New York (2010)
17. 1999 DARPA Intrusion Detection Evaluation Data Set, http://www.ll.mit. edu/mission/communications/ist/corpora/ideval/data/1999data.html