Algorithms for network server anomaly behavior detection without traffic content inspection

Елисеев, В. Л.; Gurina, Anastasiya

doi:10.1145/2947626.2947643

Cited by 4 publications

(4 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Moreover, the proposed IDS can only detect the known types of assaults which can be detected from the routed packets sent from the other devices in the IoT environment. Eliseev and Gurina [100] proposed an intrusion scheme which is able to observe the abnormal behaviour of the devices in the IoT environment. Teir proposed intrusion system uses a correlation function which is based on the request-response method.…”

Section: Ids Based On Anomaly Detection Anomaly Intrusion Detection I...mentioning

confidence: 99%

A Comprehensive Survey on Machine Learning‐Based Intrusion Detection Systems for Secure Communication in Internet of Things

Kumar

Selvi

Kannan

2023

Computational Intelligence and Neuroscience

View full text Add to dashboard Cite

The Internet of Things (IoT) is a distributed system which is made up of the connections of smart objects (things) that can continuously sense the events in their sensing domain and transmit the data via the Internet. IoT is considered as the next revolution of the Internet since it has provided vast improvements in day-to-day activities of humans including the provision of efficient healthcare services and development of smart cities and intelligent transport systems. The IoT environment, by the application of suitable security mechanisms through efficient security management techniques, intrusion detection systems provide a wall of defence against the attacks on the Internet and on the devices connected with Internet by effective monitoring of the Internet traffic. Therefore, the intrusion detection system (IDS) is a resolution proposed by the researchers to monitor and secure the IoT communication. In this work, a meticulous analysis of the security of IoT networks based on quality-of-service metrics is performed for deploying intrusion detection systems by carrying out experiments on secured communication and measuring the network’s performance based on comparing them with the existing security metrics. Finally, we propose a new and effective IDS using a deep learning-based classification approach, namely, fuzzy CNN, for improving the security of communication. The major and foremost advantages of this system include an upsurge in detection accuracy, the accurate detection of denial of service (DoS) attacks more efficiently, and the reduction of false positive rates.

show abstract

Section: Ids Based On Anomaly Detection Anomaly Intrusion Detection I...mentioning

confidence: 99%

A Comprehensive Survey on Machine Learning‐Based Intrusion Detection Systems for Secure Communication in Internet of Things

Kumar

Selvi

Kannan

2023

Computational Intelligence and Neuroscience

View full text Add to dashboard Cite

show abstract

“…Since information processing takes some time, the timing of the response data stream also should be considered as an important characteristic. The cross-correlation function (XCF) for the time series of the incoming and outgoing web server traffic intensity was adopted as a formalized characteristic that combines both sizes and timing [33].…”

Section: Principles Of the Proposed Approachmentioning

confidence: 99%

“…As noted earlier, the set of features on which it is proposed to detect anomalous behavior is the correlation characteristics between the intensity of incoming and outgoing traffic, characterizing the processing of incoming requests. In this case, both Pearson correlation coefficients [32] and the correlation functions [33] can be used. The number of points in the XCF in discrete time is thus the dimension of the feature space in which one can attempt to construct a region of normal queries.…”

Section: Features Of the Normal Processingmentioning

confidence: 99%

See 1 more Smart Citation

Anomaly-Based Method for Detecting Multiple Classes of Network Attacks

Gurina

Елисеев

2019

Information

Self Cite

View full text Add to dashboard Cite

The article discusses the problem of detecting network attacks on a web server. The attention is focused on two common types of attacks: “denial of service” and “code injection”. A review and an analysis of various attack detection techniques are conducted. A new lightweight approach to detect attacks as anomalies is proposed. It is based on recognition of the dynamic response of the web server during requests processing. An autoencoder is implemented for dynamic response anomaly recognition. A case study with the MyBB web server is described. Several flood attacks and SQL injection attack are modeled and successfully detected by the proposed method. The efficiency of the detection algorithm is evaluated, and the advantages and disadvantages of the proposed approach are analyzed.

show abstract

Vertical Scanning Behavior Analysis of High-Frequency Superpoints

Guo

Ding

2022

2022 6th International Conference on Cryptography, Security and Privacy (CSP)

View full text Add to dashboard Cite

Algorithms for network server anomaly behavior detection without traffic content inspection

Cited by 4 publications

References 8 publications

A Comprehensive Survey on Machine Learning‐Based Intrusion Detection Systems for Secure Communication in Internet of Things

A Comprehensive Survey on Machine Learning‐Based Intrusion Detection Systems for Secure Communication in Internet of Things

Anomaly-Based Method for Detecting Multiple Classes of Network Attacks

Vertical Scanning Behavior Analysis of High-Frequency Superpoints

Contact Info

Product

Resources

About