Detecting Zero-Day Attacks Using Contextual Relations

Authors: Ahmed Aleroud, George Karabatis

DOI: 10.1007/978-3-319-08618-7_36

Abstract: The focus of this research is a knowledge-based intrusion detection technique that utilizes contextual relations between known attacks to identify zero-day attacks, which are exploits of unknown software vulnerabilities. The proposed technique uses information entropy and linear data transformation to generate feature-based and function-based attack profiles. It systematically creates relationships between profiles to capture the most likely combinations of activities an attacker might exploit to initiate attacks. We utilize the similarity among the features of incoming network connections and these profiles to discover zero-day attacks. Our experiments on benchmark datasets indicate that utilizing contextual relations leads to a satisfactory detection rate from network data at different levels of granularity.
