Please use this identifier to cite or link to this item:
https://dspace.iiti.ac.in/handle/123456789/4672
Full metadata record
| DC Field | Value | Language |
|---|---|---|
| dc.contributor.author | Swarnkar, Mayank | en_US |
| dc.contributor.author | Hubballi, Neminath | en_US |
| dc.date.accessioned | 2022-03-17T01:00:00Z | - |
| dc.date.accessioned | 2022-03-17T15:35:07Z | - |
| dc.date.available | 2022-03-17T01:00:00Z | - |
| dc.date.available | 2022-03-17T15:35:07Z | - |
| dc.date.issued | 2016 | - |
| dc.identifier.citation | Swarnkar, M., & Hubballi, N. (2016). Rangegram: A novel payload based anomaly detection technique against web traffic. Paper presented at the International Symposium on Advanced Networks and Telecommunication Systems, ANTS, , 2016-February doi:10.1109/ANTS.2015.7413635 | en_US |
| dc.identifier.isbn | 9781509002931 | - |
| dc.identifier.issn | 2153-1684 | - |
| dc.identifier.other | EID(2-s2.0-84962175397) | - |
| dc.identifier.uri | https://doi.org/10.1109/ANTS.2015.7413635 | - |
| dc.identifier.uri | https://dspace.iiti.ac.in/handle/123456789/4672 | - |
| dc.description.abstract | Application specific intrusion detection methods are used to detect network intrusions targeted at applications. Normally such detection methods require payload or packet content analysis. One of the prominent method of payload modeling and analysis is sequence or ngram modeling. Normally ngrams generated from a packet are compared with a database of ngrams seen during training phase. Depending on the number of ngrams found or not found in the packet it is labeled either as normal or anomalous. Previous methods use either presence or absence of ngram in training dataset or use frequency of its occurrence in the entire training dataset. This approach results into many false positives and false negatives. In this paper we propose a novel payload analysis technique for the detection of Zero day attacks against web traffic. We consider the minimum and maximum occurrence frequency of a particular ngram from a packet in training dataset and find deviations from this range to detect anomalies. Experiments on a large dataset has shown good detection rate with low false positives. © 2015 IEEE. | en_US |
| dc.language.iso | en | en_US |
| dc.publisher | IEEE Computer Society | en_US |
| dc.source | International Symposium on Advanced Networks and Telecommunication Systems, ANTS | en_US |
| dc.subject | Intrusion detection | en_US |
| dc.subject | Large dataset | en_US |
| dc.subject | Application specific | en_US |
| dc.subject | Detection methods | en_US |
| dc.subject | Intrusion detection method | en_US |
| dc.subject | Model and analysis | en_US |
| dc.subject | Network intrusions | en_US |
| dc.subject | Packet contents | en_US |
| dc.subject | Payload analysis | en_US |
| dc.subject | Training dataset | en_US |
| dc.subject | Anomaly detection | en_US |
| dc.title | Rangegram: A novel payload based anomaly detection technique against web traffic | en_US |
| dc.type | Conference Paper | en_US |
| Appears in Collections: | Department of Computer Science and Engineering | |
Files in This Item:
There are no files associated with this item.
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.
Altmetric Badge: