Abstract

In this paper, we propose a method for network intrusion detection based on language models. Our method proceeds by extracting language features such as n-grams and words from connection payloads and applying unsupervised anomaly detection—without prior learning phase or presence of labeled data. The essential part of this procedure is linear-time computation of similarity measures between language models of connection payloads. Particular patterns in these models decisive for differentiation of attacks and normal data can be traced back to attack semantics and utilized for automatic generation of attack signatures.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Detecting Unknown Network Attacks Using Language Models
Konrad Rieck ... Pavel Laskov
-
Konrad Rieck, et. al.Konrad Rieck ... Pavel Laskov
01 Jan 2006
A Marine Hydrographic Station Networks Intrusion Detection Method Based on LCVAE and CNN-BiLSTM
Tianhao Hou ... Xin Su
Journal of Marine Science and Engineering | VOL. 11
Tianhao Hou, et. al.Tianhao Hou ... Xin Su
14 Jan 2023
A Distinguished Method for Network Intrusion Detection using Random Initialized Viterbi Algorithm in Hidden Markov Model
Sharmila S P ... Pratyush Shukla
-
Sharmila S P, et. al.Sharmila S P ... Pratyush Shukla
01 Dec 2022
Dynamic Deep Forest: An Ensemble Classification Method for Network Intrusion Detection
Bo Hu ... Yifan Zhu
Electronics | VOL. 8
Bo Hu, et. al.Bo Hu ... Yifan Zhu
30 Aug 2019
View more papers

More From: Journal in Computer Virology

Paper Title
Journal
Date
Author
Dronezilla: designing an accurate malware behavior retrieval system
Mihai Cimpoesu ... Claudiu Popa
Journal in Computer Virology | VOL. 8
Mihai Cimpoesu, et. al.Mihai Cimpoesu ... Claudiu Popa
04 Jul 2012
ECFGM: enriched control flow graph miner for unknown vicious infected code detection
Mojtaba Eskandari ... Sattar Hashemi
Journal in Computer Virology | VOL. 8
Mojtaba Eskandari, et. al.Mojtaba Eskandari ... Sattar Hashemi
19 Jun 2012
Anti-virtual machines and emulations
Anoirel Issa
Journal in Computer Virology | VOL. 8
Anoirel IssaAnoirel Issa
19 Jun 2012
A practical approach on clustering malicious PDF documents
Cristina Vatamanu ... Răzvan Benchea
Journal in Computer Virology | VOL. 8
Cristina Vatamanu, et. al.Cristina Vatamanu ... Răzvan Benchea
15 Jun 2012
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.