Explainable Detection of Zero Day Web Attacks
作者: Arthur Zimek , Peter Schneider-Kamp , Jonas Herskind Sejr
DOI: 10.1109/ICDIS50059.2020.00016
关键词: Pipeline (software) 、 Outlier 、 Pipeline transport 、 Anomaly detection 、 Task analysis 、 Computer security 、 Computer science 、 Internet security 、 Zero (linguistics) 、 Service (systems architecture)
摘要: The detection of malicious HTTP(S) requests is a pressing concern in cyber security, particular given the proliferation HTTP-based (micro-)service architectures. In addition to rule-based systems for known attacks, anomaly has been shown be promising approach unknown (zero-day) attacks. This article extends existing work by integrating outlier explanations individual into an end-to-end pipeline. These reflect internal working Empirically, we show that found coincide with manually labelled identified outliers, allowing security professionals quickly identify and understand requests.
sci-hub.st 参考文章(28)
Xuan Hong Dang, Barbora Micenková, Ira Assent, Raymond T. Ng, Local outlier detection with interpretation european conference on machine learning. pp. 304- 320 ,(2013) , 10.1007/978-3-642-40994-3_20
Hans-Peter Kriegel, Peer Kröger, Erich Schubert, Arthur Zimek, Outlier Detection in Axis-Parallel Subspaces of High Dimensional Data Advances in Knowledge Discovery and Data Mining. pp. 831- 838 ,(2009) , 10.1007/978-3-642-01307-2_86
Gérard Dray, Chedy Raïssi, Mathieu Roche, Johan Brissaud, Maguelonne Teisseire, Pascal Poncelet, Web Analyzing Traffic Challenge: Description and Results european conference on principles of data mining and knowledge discovery. pp. 6- ,(2007)
J.M. Trenkle, W.B. Cavnar, N-gram-based text categorization ,(1994)
Stefan Axelsson, Intrusion Detection Systems: A Survey and Taxonomy ,(2002)
Ke Wang, Janak J. Parekh, Salvatore J. Stolfo, Anagram: A Content Anomaly Detector Resistant to Mimicry Attack Lecture Notes in Computer Science. pp. 226- 248 ,(2006) , 10.1007/11856214_12
Jonathan J. Davis, Andrew J. Clark, Data preprocessing for anomaly based network intrusion detection: A review Computers & Security. ,vol. 30, pp. 353- 375 ,(2011) , 10.1016/J.COSE.2011.05.008
H. T. Nguyen, C. Torrano-Gimenez, G. Alvarez, K. Franke, S. Petrovic, Enhancing the effectiveness of Web Application Firewalls by generic feature selection Logic Journal of the IGPL. ,vol. 21, pp. 560- 570 ,(2013) , 10.1093/JIGPAL/JZS033
Hans-Peter Kriegel, Matthias S hubert, Arthur Zimek, Angle-based outlier detection in high-dimensional data Proceeding of the 14th ACM SIGKDD international conference on Knowledge discovery and data mining - KDD 08. pp. 444- 452 ,(2008) , 10.1145/1401890.1401946
Lei Duan, Guanting Tang, Jian Pei, James Bailey, Akiko Campbell, Changjie Tang, Mining outlying aspects on numeric data Data Mining and Knowledge Discovery. ,vol. 29, pp. 1116- 1151 ,(2015) , 10.1007/S10618-014-0398-2