VNU-UET Repository

Intrusion Detection Using a More General Feature Extraction Method for Payload-based Anomaly One-Class Classifier

Nguyen, Xuan Nam and Nguyen, Dai Tho (2017) Intrusion Detection Using a More General Feature Extraction Method for Payload-based Anomaly One-Class Classifier. In: Hội thảo lần thứ II Một số vấn đề chọn lọc về an toàn an ninh thông tin, December 2-3, 2017, Ho Chi Minh City, Vietnam. (In Press)

[img] PDF
Download (1MB)

Abstract

In this paper, we proposed a method to extract more general features of data for payload-based anomaly IDS. However, because of the significant rise in the number of features, there are numerous redundancies, leading to the rise in the complexity and the decrease in the accuracy of the classification. To that end, we apply Chi square [9] feature selection method to pick up the best features in the feature set. We have done many experiments on real world dataset of HTTP-based attacks to evaluate the performance of our classifier using our feature extraction method. The results show that our classifier can quickly detect the attack packets with very high true positive rate while keeping the false positive rate at a very low level. Besides, the results also indicate that our classifier outperforms other classifiers such as McPAD [10], and PAY [12, 13].

Item Type: Conference or Workshop Item (Paper)
Additional Information: Bài báo này đã giành được giải thưởng "Best Paper Award" tại hội thảo SOIS 2017.
Subjects: Information Technology (IT)
Divisions: Faculty of Information Technology (FIT)
Depositing User: Dr. Dai Tho Nguyen
Date Deposited: 29 Dec 2017 08:48
Last Modified: 29 Dec 2017 08:48
URI: http://eprints.uet.vnu.edu.vn/eprints/id/eprint/2759

Actions (login required)

View Item View Item