Nguyen, Xuan Nam and Nguyen, Dai Tho and Vu, Hai Long (2016) POCAD: a Novel Payload-based One-Class Classifier for Anomaly Detection. In: 2016 3rd National Foundation for Science and Technology Development (NAFOSTED) Conference on Information and Computer Science (NICS), September 14-16, 2016, Danang City, Vietnam.
Abstract
In this paper, we propose a novel Payload-based One-class Classifier for Anomaly Detection called POCAD, which combines a generalized 2v-gram feature extractor and a one-class SVM classifier to effectively detect network intrusion attacks. We extensively evaluate POCAD with real-world datasets of HTTP-based attacks. Our experimental results show that POCAD can quickly detect malicious payloads and achieves a high detection rate as well as a low false positive rate. The experimental results also show that POCAD outperforms state-of-the-art payload-based detection schemes such as McPAD [8] and PAYL [5].
| Item Type: | Conference or Workshop Item (Paper) |
|---|---|
| Subjects: | Information Technology (IT) |
| Divisions: | Faculty of Information Technology (FIT) |
| Depositing User: | Dr. Dai Tho Nguyen |
| Date Deposited: | 29 Dec 2016 08:24 |
| Last Modified: | 12 Jan 2017 16:15 |
| URI: | http://eprints.uet.vnu.edu.vn/eprints/id/eprint/2361 |


