Article code | Journal code | Publication year | English article | Full-text version |
---|---|---|---|---|
6855533 | 660780 | 2016 | 10-page PDF | Free download |
English title of the ISI article
OCPAD: One class Naive Bayes classifier for payload based anomaly detection
Related subjects
Engineering and basic sciences
Computer engineering
Artificial intelligence
English abstract
We adapt one class Multinomial Naive Bayes classifier as anomaly detector for detecting HTTP attacks. OCPAD uses likelihood of each short sequence's occurrence in a payload of known non-malicious packets as a measure to derive the degree of maliciousness of a packet. In the training phase, OCPAD generates the likelihood range of each sequence's occurrence from every packet. In order to store the likelihood range of these sequences, we propose a novel and efficient data structure called Probability-Tree. In the testing phase, it treats a short sequence as anomalous if it is not found in the database or its likelihood of occurrence in a packet is not in the range found in training phase. Using the likelihood of anomalous short sequences, it generates a class label for a test packet. Our experiments with a large dataset of 1 million HTTP packets collected from an academic network revealed OCPAD has a high Detection Rate (up to 100%) compared to previous methods and acceptable rate of False Positives (less than 0.6%).
Publisher
Database: Elsevier - ScienceDirect
Journal: Expert Systems with Applications - Volume 64, 1 December 2016, Pages 330-339
Authors
Mayank Swarnkar, Neminath Hubballi