TY - JOUR
T1 - A two-tier system for web attack detection using linear discriminant method
AU - Tan, Zhiyuan
AU - Jamdagni, Aruna
AU - He, Xiangjian
AU - Nanda, Priyadarsi
AU - Liu, Ren Ping
AU - Jia, Wenjing
AU - Yeh, Wei-chang
PY - 2010
Y1 - 2010
N2 - Computational cost is one of the major concerns of the commercial Intrusion Detection Systems (IDSs). Although these systems are proven to be promising in detecting network attacks, they need to check all the signatures to identify a suspicious attack in the worst case. This is time consuming. This paper proposes an efficient two-tier IDS, which applies a statistical signature approach and a Linear Discriminant Method (LDM) for the detection of various Web-based attacks. The two-tier system converts high-dimensional feature space into a low-dimensional feature space. It is able to reduce the computational cost and integrates groups of signatures into an identical signature. The integration of signatures reduces the cost of attack identification. The final decision is made on the integrated low-dimensional feature space. Finally, the proposed two-tier system is evaluated using DARPA 1999 IDS dataset for Web-based attack detection.
AB - Computational cost is one of the major concerns of the commercial Intrusion Detection Systems (IDSs). Although these systems are proven to be promising in detecting network attacks, they need to check all the signatures to identify a suspicious attack in the worst case. This is time consuming. This paper proposes an efficient two-tier IDS, which applies a statistical signature approach and a Linear Discriminant Method (LDM) for the detection of various Web-based attacks. The two-tier system converts high-dimensional feature space into a low-dimensional feature space. It is able to reduce the computational cost and integrates groups of signatures into an identical signature. The integration of signatures reduces the cost of attack identification. The final decision is made on the integrated low-dimensional feature space. Finally, the proposed two-tier system is evaluated using DARPA 1999 IDS dataset for Web-based attack detection.
UR - http://handle.uws.edu.au:8081/1959.7/533289
U2 - 10.1007/978-3-642-17650-0_32
DO - 10.1007/978-3-642-17650-0_32
M3 - Article
SN - 0302-9743
VL - 6476
SP - 459
EP - 471
JO - Lecture Notes in Computer Science
JF - Lecture Notes in Computer Science
ER -