Detecting Application-layer Attacks Based on User's Application-layer Behaviors

Cited by: 0
Authors
Xie, Bailin [1 ]
Jiang, Shengyi [1 ]
Affiliation
[1] Guangdong Univ Foreign Studies, Cisco Sch Informat, Guangzhou, Guangdong, Peoples R China
Keywords
Application-layer; User's behaviors; Anomaly detection; Protocols' keywords; Hidden semi-Markov model;
DOI
10.4028/www.scientific.net/AMM.411-414.607
Chinese Library Classification number
TH [Machinery and Instrument Industry];
Discipline classification code
0802 ;
Abstract
This paper presents an application-layer attack detection method based on user's application-layer behaviors. In this method, the keywords of an application-layer protocol and their inter-arrival times are used as the observations, and a hidden semi-Markov model is used to describe the application-layer behaviors of a normal user who is using the application-layer protocol. This method is also based on anomaly detection. In theory, application-layer anomaly detection can identify the known, unknown and novel attacks that happen on the application layer. The experimental results show that this method can identify several application-layer attacks, and has high detection accuracy and a low false positive ratio.
Pages: 607 - 612
Number of pages: 6
Related papers
50 in total
  • [1] Detecting Slow Application-Layer DoS Attacks With PCA
    Kemp, Clifford
    Calvert, Chad
    Khoshgoftaar, Taghi M.
    [J]. 2021 IEEE 22ND INTERNATIONAL CONFERENCE ON INFORMATION REUSE AND INTEGRATION FOR DATA SCIENCE (IRI 2021), 2021, : 176 - 183
  • [2] Application-layer Anomaly Detection Based on Application-layer Protocols' Keywords
    Xie, Bailin
    Zhang, Qiansheng
    [J]. PROCEEDINGS OF 2012 2ND INTERNATIONAL CONFERENCE ON COMPUTER SCIENCE AND NETWORK TECHNOLOGY (ICCSNT 2012), 2012, : 2131 - 2135
  • [3] Tackling Application-layer DDoS Attacks
    Beitollahi, Hakem
    Deconinck, Geert
    [J]. ANT 2012 AND MOBIWIS 2012, 2012, 10 : 432 - 441
  • [4] Application-layer multicast
    Katrinis, K
    May, M
    [J]. PEER-TO-PEER SYSTEMS AND APPLICATIONS, 2005, 3485 : 157 - 170
  • [5] Application-layer denial of service attacks: Taxonomy and survey
    Mantas, Georgios
    Stakhanova, Natalia
    Gonzalez, Hugo
    Jazi, Hossein Hadian
    Ghorbani, Ali A.
    [J]. International Journal of Information and Computer Security, 2015, 7 (2-4) : 216 - 239
  • [6] Monitoring the Application-Layer DDoS Attacks for Popular Websites
    Xie, Yi
    Yu, Shun-Zheng
    [J]. IEEE-ACM TRANSACTIONS ON NETWORKING, 2009, 17 (01) : 15 - 25
  • [7] APPLICATION-LAYER DDOS ATTACKS WITH MULTIPLE EMULATION DICTIONARIES
    Cirillo, Michele
    Di Mauro, Mario
    Matta, Vincenzo
    Tambasco, Marco
    [J]. 2021 IEEE INTERNATIONAL CONFERENCE ON ACOUSTICS, SPEECH AND SIGNAL PROCESSING (ICASSP 2021), 2021, : 2610 - 2614
  • [8] Identifying Application-Layer DDoS Attacks Based on Request Rhythm Matrices
    Lin, Huan
    Cao, Shoufeng
    Wu, Jiayan
    Cao, Zhenzhong
    Wang, Fengyu
    [J]. IEEE ACCESS, 2019, 7 : 164480 - 164491
  • [9] On effectiveness of application-layer coding
    Choi, Yoojin
    Momcilovic, Petar
    [J]. IEEE INFOCOM 2009 - IEEE CONFERENCE ON COMPUTER COMMUNICATIONS, VOLS 1-5, 2009, : 433 - 441
  • [10] Application-Layer Connector Synthesis
    Inverardi, Paola
    Spalazzese, Romina
    Tivoli, Massimo
    [J]. FORMAL METHODS FOR ETERNAL NETWORKED SOFTWARE SYSTEMS, SFM 2011, 2011, 6659 : 148 - 190