A modular architecture for the analysis of HTTP payloads based on Multiple Classiﬁers

Title	A modular architecture for the analysis of HTTP payloads based on Multiple Classiﬁers
Publication Type	Conference Paper
Year of Publication	2011
Authors	Ariu, D, Giacinto, G
Editor	Sansone, C, Kittler, J, Roli, F
Conference Name	10th Int. Workshop on Multiple Classifier Systems (MCS 2011), Naples, Italy
Date Published	15/06/2011
Keywords	ids00, mcs00
Abstract	In this paper we propose an Intrusion Detection System (IDS) for the detection of attacks against a web server. The system analyzes the requests received by a web server, and is based on a two-stages classiﬁcation algorithm that heavily relies on the MCS paradigm. In the ﬁrst stage the structure of the HTTP requests is modeled using several ensembles of Hidden Markov Models. Then, the outputs of these ensembles are combined using a one-class classiﬁcation algorithm. We evaluated the system on several datasets of real traﬃc and real attacks. Experimental results, and comparisons with state-of.the.art detection systems show the eﬀectiveness of the proposed approach.
Notes	Ariu - Workshop on Multiple Classifier Systems - 2011
Citation Key	1092

Download:

Attachment	Size
Ariu_MCS2011.pdf	244.9 KB

BibTex

Copyright Notice: Since these papers are published, the copyright has been transferred to the respective publishers. Therefore, the papers cannot be duplicated for commercial purposes. We report here IEEE's copyright notice and ACM's copyright notice; other publishers have similar ones.

IEEE Copyright Notice: This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright. In most cases, these works may not be reposted without the explicit permission of the copyright holder.

ACM Copyright Notice: Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, to republish, to post on servers, or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from Publications Dept., ACM, Inc., fax +1 (212) 869-0481, or permissions@acm.org

Seguici su:

You are here

A modular architecture for the analysis of HTTP payloads based on Multiple Classiﬁers