TY  - CONF
ID  - SisLab2361
UR  - http://www.nafosted-nics.org
A1  - Nguyen, Xuan Nam
A1  - Nguyen, Dai Tho
A1  - Vu, Hai Long
Y1  - 2016///
N2  - In this paper, we propose a novel Payload-based One-class Classifier for Anomaly Detection called POCAD, which combines a generalized 2v-gram feature extractor and a one-class SVM classifier to effectively detect network intrusion attacks. We extensively evaluate POCAD with real-world datasets of HTTP-based attacks. Our experiment results show that POCAD can quickly detect malicious payload and achieves a high detection rate as well as a low false positive rate. The experiment results also show that POCAD outperforms state of the art payload-based detection schemes such as McPAD [8] and PAYL [5].
TI  - POCAD: a Novel Payload-based One-Class Classifier for Anomaly Detection
SP  - 74
M2  - Danang City, Vietnam
AV  - public
EP  - 79
T2  - 2016 3rd National Foundation for Science and Technology Development (NAFOSTED) Conference on Information and Computer Science (NICS)
ER  -