東華大學圖書館 |

Language: English

Help

回圖書館首頁

手機版館藏查詢

Back

Switch To: Labeled | MARC Mode | ISBD

Application of a Layered Hidden Mark...

Taub, Lawrence.

Linked to FindBook

Google Book

Amazon

博客來

Application of a Layered Hidden Markov Model in the Detection of Network Attacks.

Record Type:	Language materials, printed : Monograph/item
Title/Author:	Application of a Layered Hidden Markov Model in the Detection of Network Attacks./
Author:	Taub, Lawrence.
Description:	114 p.
Notes:	Source: Dissertation Abstracts International, Volume: 74-07(E), Section: B.
Contained By:	Dissertation Abstracts International74-07B(E).
Subject:	Computer Science. -
Online resource:	http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=3557131
ISBN:	9781267998910

Application of a Layered Hidden Markov Model in the Detection of Network Attacks.
Taub, Lawrence.

Application of a Layered Hidden Markov Model in the Detection of Network Attacks. - 114 p.

Source: Dissertation Abstracts International, Volume: 74-07(E), Section: B.

Thesis (Ph.D.)--Nova Southeastern University, 2013.

Network-based attacks against computer systems are a common and increasing problem. Attackers continue to increase the sophistication and complexity of their attacks with the goal of removing sensitive data or disrupting operations. Attack detection technology works very well for the detection of known attacks using a signature-based intrusion detection system. However, attackers can utilize attacks that are undetectable to those signature-based systems whether they are truly new attacks or modified versions of known attacks. Anomaly-based intrusion detection systems approach the problem of attack detection by detecting when traffic differs from a learned baseline. In the case of this research, the focus was on a relatively new area known as payload anomaly detection. In payload anomaly detection, the system focuses exclusively on the payload of packets and learns the normal contents of those payloads. When a payload's contents differ from the norm, an anomaly is detected and may be a potential attack. A risk with anomaly-based detection mechanisms is they suffer from high false positive rates which reduce their effectiveness. This research built upon previous research in payload anomaly detection by combining multiple techniques of detection in a layered approach. The layers of the system included a high-level navigation layer, a request payload analysis layer, and a request-response analysis layer. The system was tested using the test data provided by some earlier payload anomaly detection systems as well as new data sets. The results of the experiments showed that by combining these layers of detection into a single system, there were higher detection rates and lower false positive rates.

ISBN: 9781267998910Subjects--Topical Terms:

626642
Computer Science.

Application of a Layered Hidden Markov Model in the Detection of Network Attacks.
LDR:02601nam a2200277 4500 001 1963427
005 20141003074048.5
008 150210s2013 ||||||||||||||||| ||eng d
020 $a 9781267998910
035 $a (MiAaPQ)AAI3557131
035 $a AAI3557131
040 $a MiAaPQ $c MiAaPQ
100 1 $a Taub, Lawrence. $3 961911
245 1 0 $a Application of a Layered Hidden Markov Model in the Detection of Network Attacks.
300 $a 114 p.
500 $a Source: Dissertation Abstracts International, Volume: 74-07(E), Section: B.
500 $a Adviser: James Cannady.
502 $a Thesis (Ph.D.)--Nova Southeastern University, 2013.
520 $a Network-based attacks against computer systems are a common and increasing problem. Attackers continue to increase the sophistication and complexity of their attacks with the goal of removing sensitive data or disrupting operations. Attack detection technology works very well for the detection of known attacks using a signature-based intrusion detection system. However, attackers can utilize attacks that are undetectable to those signature-based systems whether they are truly new attacks or modified versions of known attacks. Anomaly-based intrusion detection systems approach the problem of attack detection by detecting when traffic differs from a learned baseline. In the case of this research, the focus was on a relatively new area known as payload anomaly detection. In payload anomaly detection, the system focuses exclusively on the payload of packets and learns the normal contents of those payloads. When a payload's contents differ from the norm, an anomaly is detected and may be a potential attack. A risk with anomaly-based detection mechanisms is they suffer from high false positive rates which reduce their effectiveness. This research built upon previous research in payload anomaly detection by combining multiple techniques of detection in a layered approach. The layers of the system included a high-level navigation layer, a request payload analysis layer, and a request-response analysis layer. The system was tested using the test data provided by some earlier payload anomaly detection systems as well as new data sets. The results of the experiments showed that by combining these layers of detection into a single system, there were higher detection rates and lower false positive rates.
590 $a School code: 1191.
650 4 $a Computer Science. $3 626642
650 4 $a Engineering, Computer. $3 1669061
690 $a 0984
690 $a 0464
710 2 $a Nova Southeastern University. $b Computer Information Systems (MCIS, DCIS). $3 1026582
773 0 $t Dissertation Abstracts International $g 74-07B(E).
790 $a 1191
791 $a Ph.D.
792 $a 2013
793 $a English
856 4 0 $u http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=3557131