Detecting Application-Layer Attacks Based on Hidden Semi-Markov Models
2014 ◽
Vol 631-632
◽
pp. 923-927
Keyword(s):
This paper presents an application-layer attack detection method based on hidden semi-markov models. In this method, the keywords of an application-layer protocol and their inter-arrival times are used as the observations, a hidden semi-markov model is used to describe the application-layer behaviors of a normal user who is using some application-layer protocol. This method is also based anomaly detection. In theory, application-layer anomaly detection can identify the known, unknown and novel attacks happened on application-layer. The experimental results show that this method can identify several application-layer attacks, and has high detection accuracy and low false positive ratio.
2013 ◽
Vol 411-414
◽
pp. 607-612
2019 ◽
Vol 8
(2)
◽
pp. 3658-3663
Keyword(s):
Keyword(s):
2018 ◽
Vol 1069
◽
pp. 012072
◽