Detecting Application-Layer Attacks Based on User's Application-Layer Behaviors
2013 ◽
Vol 411-414
◽
pp. 607-612
Keyword(s):
This paper presents an application-layer attack detection method based on user’s application-layer behaviors. In this method, the keywords of an application-layer protocol and their inter-arrival times are used as the observations, a hidden semi-Markov model is used to describe the application-layer behaviors of a normal user who is using the application-layer protocol. This method is also based anomaly detection. In theory, application-layer anomaly detection can identify the known, unknown and novel attacks happened on application-layer. The experimental results show that this method can identify several application-layer attacks, and has high detection accuracy and low false positive ratio.
2014 ◽
Vol 631-632
◽
pp. 923-927
Keyword(s):
2014 ◽
Vol 644-650
◽
pp. 3291-3294
2019 ◽
Vol 8
(2)
◽
pp. 3658-3663
Keyword(s):
2016 ◽
Vol 136
(3)
◽
pp. 363-372
2015 ◽
Vol 135
(12)
◽
pp. 749-755