Detecting latent attack behavior from aggregated Web traffic

Xie, Yi; Tang, Shensheng; Huang, Xin; Tang, Chenjun; Liu, Xingcheng

doi:10.1016/j.comcom.2013.01.013

Cited by 16 publications

(8 citation statements)

References 42 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This detection system is dependent on forming of ordinary behavioural models and conclude any attempt that is not covered within this model as malicious behaviours [9]. Nonetheless, higher false alarm or false positives are the main imperfection of this detection systems [10].…”

Section: Introductionmentioning

confidence: 99%

“…Seeing facts, for last two decades, an anomaly detection system that utilizes data mining approaches has attracted researcher interest, particularly within the concept of intrusion detection [10]- [12]. Nevertheless, maximizing the true positive (malicious behaviours which detected as malicious) and true negative (non-malicious behaviours which detected as non-malicious) as well as minimizing the false positive (non-malicious behaviours which detected as malicious) and false negative (malicious behaviours which detected as nonmalicious) are not much enhanced as a whole.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

An Improved Malicious Behaviour Detection Via k-Means and Decision Tree

Yassin¹,

Rahayu²,

Abdollah³

et al. 2016

ijacsa

View full text Add to dashboard Cite

Abstract-DataMining algorithm which is applied as an anomaly detection system has been considered as one of the essential techniques in malicious behaviour detection. Unfortunately, such detection system is known for its inclination in detecting a cyber-malicious activity more accurately (i.e. maximizing malicious and non-malicious behaviours detection) and has become a persistent limitation in the deployment of intrusion detection systems. Consequently, these constraints will affect a number of important performance factors such as the accuracy, detection rate and false alarms. In this research, KMDT proposed as an anomaly detection model that utilized kmeans clustering and decision tree classifier to maximize the detection of malicious behaviours by scrutinizing packet headers. The k-means clustering employed for labelling and plots the whole behaviours into identical cluster, which characterized the behaviours into suspicious or non-suspicious composition. Subsequently, these dissimilar clustered behaviours are reordered within two classes of types such as malicious and nonmalicious via decision tree classifier. KMDT is a profitable finding which improved the anomaly detection performance in identifying suspicious and non-suspicious behaviours as well as characterizes it into malicious and non-malicious behaviours more accurately. These criteria have been validated by the result from the experiments throughout banking system environment dataset 2016. KMDT have detected more malicious behaviours accurately as contrast to discrete and diversely combined methods.

show abstract

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

An Improved Malicious Behaviour Detection Via k-Means and Decision Tree

Yassin¹,

Rahayu²,

Abdollah³

et al. 2016

ijacsa

View full text Add to dashboard Cite

show abstract

“…Denial-of-service is not only the issue in the internet but rather it changes the mandatory or required information when there would be slight change in the protocols. The emergence of Distributed denial-of-service exists in the base of the Internet architecture [1] and there are so many methods through which we will detect the DDoS attack as in [2] [3]. There are following types of attacks that come against the infrastructure of Internet.…”

Section: Introductionmentioning

confidence: 99%

Quantifying the Impact of Flood Attack on Transport Layer Protocol

Tyagi¹

2014

IJCSA

View full text Add to dashboard Cite

As growth of internet and computer increase day by day so as the growth of attacks on network is also tremendously increased day by day. In this paper we introduced a wired network and create two TCP source node and one attacker node (Distributed denial-of-service) flooding type attack which is the attack on the bandwidth of TCP node at source side sends data to destination through router and also measure the impact of Denial-of-service attack (DoS) on that wired network how packets of other source nodes and that node will drop down due to the impact of flooding type denial-of-service attack and shows the result using NS-2 NAM & Xgraph windows in simulation.

show abstract

“…From real time experiments they proved that rate limiting is effective in mitigating a network from DDoS attacks. Y. Xie, et al, [10] has discussed about a new application-layer indirect attack which exploits the communication mechanism of proxy server to attack the targets. They have proposed a server-side defense scheme to resist such indirect attacks by describing the dynamic behavior process of aggregated traffic using improved semiMarkov model.…”

Section: Several Other Different Detection Mechanisms Have Also Been mentioning

confidence: 99%

Network Attacks and Their Detection Mechanisms: A Review

Mangrulkar¹,

Patil²,

Pande³

2014

IJCA

View full text Add to dashboard Cite

With the development of large open networks, security threats for the network have increased significantly in the past few years. Different types of attacks possess different types of threats to network and network resources. Many different detection mechanisms have been proposed by various researchers. This paper reviews different type of possible network attacks and detection mechanisms proposed by various researchers that are capable of detecting such attacks. General TermsNetwork resources, open network, security threats for network

show abstract

Detecting latent attack behavior from aggregated Web traffic

Cited by 16 publications

References 42 publications

An Improved Malicious Behaviour Detection Via k-Means and Decision Tree

An Improved Malicious Behaviour Detection Via k-Means and Decision Tree

Quantifying the Impact of Flood Attack on Transport Layer Protocol

Network Attacks and Their Detection Mechanisms: A Review

Contact Info

Product

Resources

About