Network Anomaly Detection with Payload-based Analysis

Citations: 0
Authors
Ozdel, Suleyman [1]
Ates, Pelin Damla [1]
Ates, Cagatay [1]
Koca, Mutlu [1]
Anarim, Emin [1]
Affiliations
[1] Bogazici Univ, Elekt Elekt Muhendisligi Bolumu, Istanbul, Turkey
Source
2022 30TH SIGNAL PROCESSING AND COMMUNICATIONS APPLICATIONS CONFERENCE, SIU | 2022
Keywords
attack detection; n-gram analysis; payload; entropy
DOI
10.1109/SIU55565.2022.9864866
Chinese Library Classification number
TP39 [Computer applications]
Discipline classification code
081203; 0835
Abstract
Network attacks become more complicated with the improvement of technology. Traditional statistical methods may be insufficient in detecting constantly evolving network attacks. For this reason, the use of payload-based deep packet inspection methods is very significant in detecting attack flows before they damage the system. In the proposed method, features are extracted from the byte distributions in the payload, and these features are used to characterize the flows more deeply by means of N-gram analysis methods. The proposed procedure has been tested on the IDS 2012 and 2017 datasets, which are widely used in the literature.
Pages: 4
Related papers
50 in total
  • [1] Payload-based anomaly detection using KPCA
    Jia, Libin
    Ma, Jun
    Li, Lin
    PROCEEDINGS OF 2009 INTERNATIONAL CONFERENCE OF MANAGEMENT ENGINEERING AND INFORMATION TECHNOLOGY, VOLS 1 AND 2, 2009, : 566 - 569
  • [2] PU Learning in Payload-based Web Anomaly Detection
    Luo, Yuxuan
    Cheng, Shaoyin
    Liu, Chong
    Jiang, Fan
    2018 THIRD INTERNATIONAL CONFERENCE ON SECURITY OF SMART CITIES, INDUSTRIAL CONTROL SYSTEM AND COMMUNICATIONS (SSIC), 2018,
  • [3] Anomalous payload-based network intrusion detection
    Wang, K
    Stolfo, SJ
    RECENT ADVANCES IN INTRUSION DETECTION, PROCEEDINGS, 2004, 3224 : 203 - 222
  • [4] Payload-Based Network Traffic Analysis for Application Classification and Intrusion Detection
    Ozdel, Suleyman
    Ates, Cagatay
    Ates, Pelin Damla
    Koca, Mutlu
    Anarim, Emin
    2022 30TH EUROPEAN SIGNAL PROCESSING CONFERENCE (EUSIPCO 2022), 2022, : 638 - 642
  • [5] McPAD: A multiple classifier system for accurate payload-based anomaly detection
    Perdisci, Roberto
    Ariu, Davide
    Fogla, Prahlad
    Giacinto, Giorgio
    Lee, Wenke
    COMPUTER NETWORKS, 2009, 53 (06) : 864 - 881
  • [6] Effective Dimensionality Reduction of Payload-Based Anomaly Detection in TMAD Model for HTTP Payload
    Kakavand, Mohsen
    Mustapha, Norwati
    Mustapha, Aida
    Abdullah, Mohd Taufik
    KSII TRANSACTIONS ON INTERNET AND INFORMATION SYSTEMS, 2016, 10 (08) : 3884 - 3910
  • [7] An improved payload-based anomaly detector for web applications
    Jin, Xiaohui
    Cui, Baojiang
    Li, Dong
    Cheng, Zishuai
    Yin, Congxin
    JOURNAL OF NETWORK AND COMPUTER APPLICATIONS, 2018, 106 : 111 - 116
  • [8] POCAD: a Novel Payload-based One-Class Classifier for Anomaly Detection
    Xuan Nam Nguyen
    Dai Tho Nguyen
    Long Hai Vu
    2016 3RD NATIONAL FOUNDATION FOR SCIENCE AND TECHNOLOGY DEVELOPMENT CONFERENCE ON INFORMATION AND COMPUTER SCIENCE (NICS), 2016, : 74 - 79
  • [9] Analysis of a Payload-based Network Intrusion Detection System using Pattern Recognition Processors
    Iqbal, Irshad M.
    Calix, Ricardo A.
    2016 INTERNATIONAL CONFERENCE ON COLLABORATION TECHNOLOGIES AND SYSTEMS (CTS), 2016, : 398 - 403
  • [10] Payload-Based Web Attack Detection Using Deep Neural Network
    Jin, Xiaohui
    Cui, Baojiang
    Yang, Jun
    Cheng, Zishuai
    ADVANCES ON BROAD-BAND WIRELESS COMPUTING, COMMUNICATION AND APPLICATIONS, BWCCA-2017, 2018, 12 : 482 - 488