Pattern recognition approach for anomaly detection of web-based attacks

Aruna Jamdagni; Zhiyuan Tan; Ren Ping Liu; Priyadarsi Nanda; Xiangjian He

Pattern recognition approach for anomaly detection of web-based attacks

Aruna Jamdagni
, Zhiyuan Tan
, Ren Ping Liu
, Priyadarsi Nanda
, Xiangjian He

School of Computer, Data & Mathematical Sciences

Research output: Chapter in Book / Conference Paper › Conference Paper › peer-review

Abstract

The universal use of the Internet has made it more difficult to achieve high security. Attackers target web applications instead of Telnet ports. Cyber-attacks and breaches of information security are increasing in frequency. The goal of Intrusion Detection Systems (lDSs) is to monitor network traffic and detect web-based attacks. Common lDSs are either signature based or anomaly based. Signature based IDS is unable to detect novel attack (i.e., zero-day) or polymorphic attacks, until the signature database is updated. On the other hand, an anomaly-based IDS can detect new attacks and polymorphic attacks. However, anomaly based system has a relatively high number of false positives.

Original language	English
Title of host publication	Proceedings of the Seventh Annual CSIRO ICT Centre Science and Engineering Conference: 10-11 November 2010, Australian Technology Park, Eveleigh, NSW, Australia
Publisher	CSIRO
Number of pages	2
ISBN (Print)	9780643101647
Publication status	Published - 2010
Event	CSIRO ICT Centre Science and Engineering Conference - Duration: 10 Nov 2010 → …

Conference

Conference	CSIRO ICT Centre Science and Engineering Conference
Period	10/11/10 → …

Cite this

@inproceedings{0227eac824ed48f9a38ff140b26ed302,

title = "Pattern recognition approach for anomaly detection of web-based attacks",

abstract = "The universal use of the Internet has made it more difficult to achieve high security. Attackers target web applications instead of Telnet ports. Cyber-attacks and breaches of information security are increasing in frequency. The goal of Intrusion Detection Systems (lDSs) is to monitor network traffic and detect web-based attacks. Common lDSs are either signature based or anomaly based. Signature based IDS is unable to detect novel attack (i.e., zero-day) or polymorphic attacks, until the signature database is updated. On the other hand, an anomaly-based IDS can detect new attacks and polymorphic attacks. However, anomaly based system has a relatively high number of false positives.",

author = "Aruna Jamdagni and Zhiyuan Tan and Liu, \{Ren Ping\} and Priyadarsi Nanda and Xiangjian He",

year = "2010",

language = "English",

isbn = "9780643101647",

booktitle = "Proceedings of the Seventh Annual CSIRO ICT Centre Science and Engineering Conference: 10-11 November 2010, Australian Technology Park, Eveleigh, NSW, Australia",

publisher = "CSIRO",

note = "CSIRO ICT Centre Science and Engineering Conference ; Conference date: 10-11-2010",

}

Pattern recognition approach for anomaly detection of web-based attacks. / Jamdagni, Aruna; Tan, Zhiyuan; Liu, Ren Ping et al.
Proceedings of the Seventh Annual CSIRO ICT Centre Science and Engineering Conference: 10-11 November 2010, Australian Technology Park, Eveleigh, NSW, Australia. CSIRO, 2010.

Research output: Chapter in Book / Conference Paper › Conference Paper › peer-review

TY - GEN

T1 - Pattern recognition approach for anomaly detection of web-based attacks

AU - Jamdagni, Aruna

AU - Tan, Zhiyuan

AU - Liu, Ren Ping

AU - Nanda, Priyadarsi

AU - He, Xiangjian

PY - 2010

Y1 - 2010

N2 - The universal use of the Internet has made it more difficult to achieve high security. Attackers target web applications instead of Telnet ports. Cyber-attacks and breaches of information security are increasing in frequency. The goal of Intrusion Detection Systems (lDSs) is to monitor network traffic and detect web-based attacks. Common lDSs are either signature based or anomaly based. Signature based IDS is unable to detect novel attack (i.e., zero-day) or polymorphic attacks, until the signature database is updated. On the other hand, an anomaly-based IDS can detect new attacks and polymorphic attacks. However, anomaly based system has a relatively high number of false positives.

AB - The universal use of the Internet has made it more difficult to achieve high security. Attackers target web applications instead of Telnet ports. Cyber-attacks and breaches of information security are increasing in frequency. The goal of Intrusion Detection Systems (lDSs) is to monitor network traffic and detect web-based attacks. Common lDSs are either signature based or anomaly based. Signature based IDS is unable to detect novel attack (i.e., zero-day) or polymorphic attacks, until the signature database is updated. On the other hand, an anomaly-based IDS can detect new attacks and polymorphic attacks. However, anomaly based system has a relatively high number of false positives.

UR - http://handle.uws.edu.au:8081/1959.7/533342

M3 - Conference Paper

SN - 9780643101647

BT - Proceedings of the Seventh Annual CSIRO ICT Centre Science and Engineering Conference: 10-11 November 2010, Australian Technology Park, Eveleigh, NSW, Australia

PB - CSIRO

T2 - CSIRO ICT Centre Science and Engineering Conference

Y2 - 10 November 2010

ER -

Pattern recognition approach for anomaly detection of web-based attacks

Abstract

Conference

Other files and links

Fingerprint

Cite this