Abstract

We present PCkAD, a novel semisupervised anomaly-based IDS (Intrusion Detection System) technique, detecting application-level content-based attacks. Its peculiarity is to learn legitimate payloads by splitting packets into chunks and determining the within-packet distribution of n-grams. This strategy is resistant to evasion techniques as blending. We prove that finding the right legitimate content is NP-hard in the presence of chunks. Moreover, it improves the false-positive rate for a given detection rate with respect to the case where the spatial information is not considered. Comparison with well-known IDSs using n-grams highlights that PCkAD achieves state-of-the-art performances.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Creating Offline MANET IDS Network Traces
A Karygiannis ... E Antonakakis
-
A Karygiannis, et. al.A Karygiannis ... E Antonakakis
01 Jun 2007
Effect of Intrusion Detection on Reliability of Mission-Oriented Mobile Group Systems in Mobile Ad Hoc Networks
Jin-Hee Cho ... Phu-Gui Feng
IEEE Transactions on Reliability | VOL. 59
Jin-Hee Cho, et. al. Jin-Hee Cho ... Phu-Gui Feng
01 Mar 2010
Host-based intrusion detection system using Support Vector Machine
Saifullah Memon
Quaid-e-Awam University Research Journal of Engineering, Science & Technology | VOL. 20
Saifullah MemonSaifullah Memon
30 Jun 2022
Effect of Intrusion Detection on Failure Time of Mission-Oriented Mobile Group Systems in Mobile Ad Hoc Networks
Jin-Hee Cho ... Ing-Ray Chen
-
Jin-Hee Cho, et. al.Jin-Hee Cho ... Ing-Ray Chen
01 Dec 2008
View more papers

More From: ACM Transactions on Internet Technology

Paper Title
Journal
Date
Author
Signature-based IaaS Performance Change Detection
Athman Bouguettaya ... Sheik Mohammad Mostakim Fattah
ACM Transactions on Internet Technology | VOL. -
Athman Bouguettaya, et. al.Athman Bouguettaya ... Sheik Mohammad Mostakim Fattah
26 Oct 2024
A Network Calculus Model for SFC Realization and Traffic Bounds Estimation in Data Centers
Sidharth Sharma ... Admela Jukan
ACM Transactions on Internet Technology | VOL. -
Sidharth Sharma, et. al.Sidharth Sharma ... Admela Jukan
11 Oct 2024
Enhancing Alexa Skill Testing Through Improved Utterance Discovery
Hassan A Shafei ... Chiu C Tan
ACM Transactions on Internet Technology | VOL. -
Hassan A Shafei, et. al.Hassan A Shafei ... Chiu C Tan
28 Sep 2024
Federated In-Network Machine Learning for Privacy-Preserving IoT Traffic Analysis
Mingyuan Zang ... Changgang Zheng
ACM Transactions on Internet Technology | VOL. -
Mingyuan Zang, et. al.Mingyuan Zang ... Changgang Zheng
26 Sep 2024
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.