Mahalanobis Distance Map Approach for Anomaly Detection of Web-Based Attacks

Jamdagni, A; Tan, T; Nanda, P; He, S; Liu, R

Mahalanobis Distance Map Approach for Anomaly Detection of Web-Based Attacks

Jamdagni, A Tan, T Nanda, P

He, S

Liu, R

Permalink

Publisher:: Secau - Security Research Centre
Publication Type:: Journal Article
Citation:: Journal of Network Forensics, 2011, 2 (2), pp. 25 - 39
Issue Date:: 2011-01

Closed Access

	Filename	Description	Size
	Mahalanobis Distance Map Approach for Anomaly Detection.pdf	Published Version	422.05 kB	Adobe PDF	View/Open

Copyright Clearance Process

Recently Added
In Progress
Closed Access

This item is closed access and not available.

Full metadata record

Field	Value	Language
dc.contributor.author	Jamdagni, A	en_US
dc.contributor.author	Tan, T	en_US
dc.contributor.author	Nanda, P https://orcid.org/0000-0002-5748-155X	en_US
dc.contributor.author	He, S https://orcid.org/0000-0001-8962-540X	en_US
dc.contributor.author	Liu, R https://orcid.org/0000-0001-7001-6305	en_US
dc.date.issued	2011-01	en_US
dc.identifier.citation	Journal of Network Forensics, 2011, 2 (2), pp. 25 - 39	en_US
dc.identifier.issn	1834-5344	en_US
dc.identifier.uri	http://hdl.handle.net/10453/34151
dc.description.abstract	Web serverss and web-based applications are commonly used attack targets. The main issue are how to prevent unauthorized access and to protect web server from the attack. Intrusion Detection Systems and networks. This paper focuses on the detection of various web-based attacks using Geometrical Structure Anomaly Detectin (GSAD) model. Further, a novel algorithm is proposed using Linear Discriminant Analysis (LDA) for the selection of most discriminating features to reduce the computational complexity of payload-based GSAD model. GSAD model is based on a pattern recognition technique used in image payload features to calculate the difference between normal and abnormal network traffice. GSAD model is evaluated experimentally on the real attacks (GATECH) dataset and on the DARPA 1999 dataset.	en_US
dc.language	English	en_US
dc.publisher	Secau - Security Research Centre	en_US
dc.relation.ispartof	Journal of Network Forensics	en_US
dc.title	Mahalanobis Distance Map Approach for Anomaly Detection of Web-Based Attacks	en_US
dc.type	Journal Article
utslib.citation.volume	2	en_US
utslib.for	0806 Information Systems	en_US
pubs.embargo.period	Not known	en_US
pubs.organisational-group	/University of Technology Sydney
pubs.organisational-group	/University of Technology Sydney/Faculty of Engineering and Information Technology
pubs.organisational-group	/University of Technology Sydney/Faculty of Engineering and Information Technology/School of Electrical and Data Engineering
pubs.organisational-group	/University of Technology Sydney/Strength - CRIN - Realtime Information Networks
pubs.organisational-group	/University of Technology Sydney/Strength - GBDTC - Global Big Data Technologies
pubs.organisational-group	/University of Technology Sydney/Strength - INEXT - Innovation in IT Services and Applications
utslib.copyright.status	closed_access
pubs.consider-herdc	true	en_US
pubs.issue	2	en_US
pubs.publication-status	Published	en_US
pubs.volume	2	en_US

Abstract:

Web serverss and web-based applications are commonly used attack targets. The main issue are how to prevent unauthorized access and to protect web server from the attack. Intrusion Detection Systems and networks. This paper focuses on the detection of various web-based attacks using Geometrical Structure Anomaly Detectin (GSAD) model. Further, a novel algorithm is proposed using Linear Discriminant Analysis (LDA) for the selection of most discriminating features to reduce the computational complexity of payload-based GSAD model. GSAD model is based on a pattern recognition technique used in image payload features to calculate the difference between normal and abnormal network traffice. GSAD model is evaluated experimentally on the real attacks (GATECH) dataset and on the DARPA 1999 dataset.

Please use this identifier to cite or link to this item:

http://hdl.handle.net/10453/34151