A New Unified Intrusion Anomaly Detection in Identifying Unseen Web Attacks

Kamarudin, Muhammad Hilmi; Maple, Carsten; Watson, Tim; Safa, Nader Sohrabi

doi:10.1155/2017/2539034

Cited by 13 publications

(11 citation statements)

References 49 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The classification is mainly based on the detection mechanism of the methods.  Signature-based methods [3,4]: this is a well-known approach and has been investigated by many researchers. So far, the research community of web attack detection has built up a complete Core Rule Set [9] to support network users.…”

Section: Related Work 21 Web Attack Detection Researchmentioning

confidence: 99%

“…In this research, he uses an encoding method which reconstructs a character into a 2-dimensional matrix. The authors of the research [14] use N-gram and Generic Feature Selection algorithms to extract features from DARPA and ECML/PKDD2007 datasets [4]. In order to detect abnormal requests, they applied some clustering algorithms like C4.5, CART, Random forest or random tree.…”

Section: Related Work 21 Web Attack Detection Researchmentioning

confidence: 99%

“…In [2], Mookhey presented the characteristics, compositions and operation principles of WA. Besides, some other works in [2][3][4] have shown several vulnerabilities and threats that attackers could exploit to attack the web applications. According to the surveys in [3] and [4], the vulnerabilities of the protocol hyper text transfer protocol (HTTP) or hypertext transfer protocol secure (HTTPS) are often preferable to be exploited by attackers.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

An adaptive anomaly request detection framework based on dynamic web application profiles

Xuan

Nguyễn

Dinh

2020

IJECE

View full text Add to dashboard Cite

Web application firewall is a highly effective application in protecting the application layer and database layer of websites from attack access. This paper proposes a new web application firewall deploying method based on Dynamic Web application profiling (DWAP) analysis technique. This is a method to deploy a firewall based on analyzing website access data. DWAP is improved to integrate deeply into the structure of the website to increase the compatibility of the anomaly detection system into each website, thereby improving the ability to detect abnormal requests. To improve the compatibility of the web application firewall with protected objects, the proposed system consists of two parts with the main tasks are: i) Detect abnormal access in web application (WA) access; ii) Semi-automatic update the attack data to the abnormal access detection system during WA access. This new method is applicable in real-time detection systems where updating of new attack data is essential since web attacks are increasingly complex and sophisticated.

show abstract

Section: Related Work 21 Web Attack Detection Researchmentioning

confidence: 99%

Section: Related Work 21 Web Attack Detection Researchmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

An adaptive anomaly request detection framework based on dynamic web application profiles

Xuan

Nguyễn

Dinh

2020

IJECE

View full text Add to dashboard Cite

show abstract

“…Discrete data can be numeric but it can also be categorical, continuous data are always numeric and are not restricted to define separate values and can take any value within a range [31]. The various types of attack with their categories are discussed in the table [32]. The severity of the attack and the classification is discussed.…”

Section: Portsweepmentioning

confidence: 99%

Intrusion Detection and Classification using Decision Tree Based Key Feature Selection Classifiers

Nanda¹,

Patra²

2020

Adv. sci. technol. eng. syst. j.

View full text Add to dashboard Cite

Feature selection method applied on an intrusion dataset is used to classify the intrusion data as normal or intrusive. We have made an attempt to detect and classify the intrusion data using rank-based feature selection classifiers. A set of redundant features having null rank value are eliminated then the performance evaluation using various feature selection algorithms are done to determine the behavior of attributes. We can distinguish the key features which plays an important role for detecting intrusions. There are 41 features in the dataset, out of which some features play significant role in detecting the intrusions and others do not contribute in the detection process. We have applied different feature selection techniques to select the predominant features that are actually effective in detecting intrusions.

show abstract

“…Most works of literature have shown that anomaly detection has already been performed using learning techniques either supervised or unsupervised, statistical methods, stream analytic engine and data-mining approaches [6]. Little has been done with regards to reactive protocols used in ad hoc network and key performance indicators to detect outliers in a network.…”

Section: Related Workmentioning

confidence: 99%

Reactive protocols for unified user profiling for anomaly detection in mobile Ad Hoc networks

Qasim

Mohammed

Sosa

et al. 2019

PEN

View full text Add to dashboard Cite

The Next Generation mobile network expected to be fully automated to meet the growing need for data rates and quality in communication. These prodigious demands have also increased the amount of data being handled in these wireless networks. The cellular networks can leverage vital data about the user and the network conditions providing all-inclusive visibility and intelligence in communication. Emerging analytic technologies such as big data and neural networks have been used to unearth vital insight from network traffic to assist intelligent models in routing packets. Reactive protocols are an emerging model in the intelligent routing of traffic in ad-hoc networks. In this paper, we first utilize the reactive protocols to route traffic in a wireless network while analyzing anomalous behavior. In the case of anomaly detection in wireless communication, combined performance indicators to identify outliers. The detected outliers been compared with the ground data and routes created using the reactive protocols. The combination of reactive protocols and the key performance indicators in network performance uncovered anomalies leading to segregation of these traffic in routing. From the results, it is evident that an abrupt surge in the traffic indicated an anomaly and identify the areas of interest in a network especially for resource and path allocation and fault avoidance. A MATLAB GUI was used to simulate the reactive protocols for routing of traffic and generation of datasets that analyze in Microsoft Excel to characterize the key performance indicators of the network.

show abstract

A New Unified Intrusion Anomaly Detection in Identifying Unseen Web Attacks

Cited by 13 publications

References 49 publications

An adaptive anomaly request detection framework based on dynamic web application profiles

An adaptive anomaly request detection framework based on dynamic web application profiles

Intrusion Detection and Classification using Decision Tree Based Key Feature Selection Classifiers

Reactive protocols for unified user profiling for anomaly detection in mobile Ad Hoc networks

Contact Info

Product

Resources

About