Exploiting n-gram location for intrusion detection

Cited by: 10
Authors
Angiulli, Fabrizio [1]
Argento, Luciano [1]
Furfaro, Angelo [1]
Affiliation
[1] Univ Calabria, DIMES, P Bucci 41C, I-87036 Arcavacata Di Rende, CS, Italy
Keywords
Intrusion detection systems; Semi-supervised learning; N-grams; Anomaly detection; FTP traffic;
DOI
10.1109/ICTAI.2015.155
Chinese Library Classification number
TP18 [Artificial intelligence theory];
Discipline classification code
081104 ; 0812 ; 0835 ; 1405 ;
Abstract
Signature-based and protocol-based intrusion detection systems (IDS) are employed as means to reveal content-based network attacks. Such systems have proven to be effective in identifying known intrusion attempts and exploits but they fail to recognize new types of attacks or carefully crafted variants of well-known ones. This paper presents the design and the development of an anomaly-based IDS technique which is able to detect content-based attacks carried out over application level protocols, like HTTP and FTP. In order to identify anomalous packets, the payload is split up in chunks of equal length and the n-gram technique is used to learn which byte sequences usually appear in each chunk. The devised technique builds a different model for each pair <protocol of interest, packet length> and uses them to classify the incoming traffic. Models are built by means of a semi-supervised approach. Experimental results witness that the technique achieves an excellent accuracy with a very low false positive rate.
Pages: 1093-1098
Number of pages: 6