Exploiting Content Spatial Distribution to Improve Detection of Intrusions

Angiulli Fabrizio; Argento Luciano; Furfaro Angelo

首页> 外文期刊>ACM Transactions on Internet Technology >Exploiting Content Spatial Distribution to Improve Detection of Intrusions

【24h】

Exploiting Content Spatial Distribution to Improve Detection of Intrusions

机译：利用内容空间分布，提高入侵检测

获取原文

获取原文并翻译 | 示例

掌桥外文数据库（机构版） >>

开具论文收录证明 >>

文献代查 >>

页面导航

摘要
著录项
相似文献
相关主题

摘要

We present PCkAD, a novel semisupervised anomaly-based IDS (Intrusion Detection System) technique, detecting application-level content-based attacks. Its peculiarity is to learn legitimate payloads by splitting packets into chunks and determining the within-packet distribution of n-grams. This strategy is resistant to evasion techniques as blending. We prove that finding the right legitimate content is NP-hard in the presence of chunks. Moreover, it improves the false-positive rate for a given detection rate with respect to the case where the spatial information is not considered. Comparison with well-known IDSs using n-grams highlights that PCkAD achieves state-of-the-art performances.

机译：我们呈现PCKAD，一种新型的基于半植入的基于异常的IDS（入侵检测系统）技术，检测基于应用程序级内容的攻击。它的特殊性是通过将数据包分成块并确定n-gram的数据包分布来学习合法的有效载荷。这种策略对逃避技术进行了混合。我们证明了在块的存在下，找到正确的合法内容是NP - 困难。此外，它提高了对不考虑空间信息的情况的给定检测速率的假阳性率。使用N-GRAMS的众所周知的IDS比较PCKAD实现最先进的性能。

著录项

来源
《ACM Transactions on Internet Technology》 |2018年第2期|共21页
作者
Angiulli Fabrizio; Argento Luciano; Furfaro Angelo;
展开▼
作者单位

Univ Calabria Dept Informat Modeling Elect &

Syst Engn P Bucci 42 I-87036 Arcavacata Di Rende CS Italy;

Univ Calabria Dept Informat Modeling Elect &

Syst Engn P Bucci 42 I-87036 Arcavacata Di Rende CS Italy;

Univ Calabria Dept Informat Modeling Elect &

Syst Engn P Bucci 42 I-87036 Arcavacata Di Rende CS Italy;

展开▼
收录信息
原文格式 PDF
正文语种 eng
中图分类计算技术、计算机技术;
关键词
Intrusion detection systems; semisupervised learning; n-grams; anomaly detection;

机译：入侵检测系统;半草学习;n-grams;异常检测;

相似文献

外文文献
中文文献
专利

1. Exploiting Content Spatial Distribution to Improve Detection of Intrusions [J] . Angiulli Fabrizio, Argento Luciano, Furfaro Angelo ACM Transactions on Internet Technology . 2018,第2期

机译：利用内容空间分布，提高入侵检测
2. Development of an eight-channel NMR system using RF detection coils for measuring spatial distributions of current density and water content in the PEM of a PEFC [J] . Ogawa K., Yokouchi Y., Haishi T., Journal of magnetic resonance . 2013,第Null期

机译：开发使用射频检测线圈的八通道NMR系统，以测量PEFC的PEM中电流密度和水含量的空间分布
3. The Spatial &i&Redistribution of Chemical Elements and Their Isotopes in Layered Intrusions Provided by the Gradients of a Temperature, of a Pressure and of a Deformation&/i&, Using Lukkulaisvaara Intrusion (North Karelia) as an Example [J] . Alexander Kh. Zilbershtein, Alexander A. Chaihorsky, Vladimir S. Semenov Open Access Library Journal . 2019,第11期

机译：以Lukkulaisvaara侵入体（北卡累利阿）为例，通过温度，压力和变形梯度提供的分层侵入体中的化学元素及其同位素的空间i重新分布
4. Exploiting spatial distributions for minefield detection in cluttered environment [C] . Anh Trang, rnSanjeev Agarwal, rnThomas Broach, Detection and sensing of mines, explosive objects, and obscured targets XV . 2010

机译：开发空间分布以在杂乱环境中探测雷场
5. On optimizing traffic distribution for clusters of network intrusion detection and prevention systems. [D] . Le, Anh. 2008

机译：关于优化网络入侵检测和防御系统集群的流量分配。
6. Improving the Classification Effectiveness of Intrusion Detection by Using Improved Conditional Variational AutoEncoder and Deep Neural Network [O] . Yanqing Yang, Kangfeng Zheng, Chunhua Wu, 2019

机译：通过使用改进的条件变分自动编码器和深度神经网络提高入侵检测的分类效率
7. Exploiting frequent episodes in weighted suffix tree to improve intrusion detection system [O] . Min-feng Wang, Yen-ching Wu, Meng-feng Tsai 2008

机译：利用加权后缀树中的频繁剧集来改进入侵检测系统

Exploiting Content Spatial Distribution to Improve Detection of Intrusions

摘要

著录项

相似文献

相关主题

期刊订阅