- New
-
Topics
- All Categories
- Metaphysics and Epistemology
- Value Theory
- Science, Logic, and Mathematics
- Science, Logic, and Mathematics
- Logic and Philosophy of Logic
- Philosophy of Biology
- Philosophy of Cognitive Science
- Philosophy of Computing and Information
- Philosophy of Mathematics
- Philosophy of Physical Science
- Philosophy of Social Science
- Philosophy of Probability
- General Philosophy of Science
- Philosophy of Science, Misc
- History of Western Philosophy
- Philosophical Traditions
- Philosophy, Misc
- Other Academic Areas
- Journals
- Submit material
- More
On the application of compression-based metrics to identifying anomalous behaviour in web traffic
Logic Journal of the IGPL 28 (4):546-557 (2020)
Abstract
In cybersecurity, there is a call for adaptive, accurate and efficient procedures to identifying performance shortcomings and security breaches. The increasing complexity of both Internet services and traffic determines a scenario that in many cases impedes the proper deployment of intrusion detection and prevention systems. Although it is a common practice to monitor network and applications activity, there is not a general methodology to codify and interpret the recorded events. Moreover, this lack of methodology somehow erodes the possibility of diagnosing whether event detection and recording is adequately performed. As a result, there is an urge to construct general codification and classification procedures to be applied on any type of security event in any activity log. This work is focused on defining such a method using the so-called normalized compression distance (NCD). NCD is parameter-free and can be applied to determine the distance between events expressed using strings. As a first step in the concretion of a methodology for the integral interpretation of security events, this work is devoted to the characterization of web logs. On the grounds of the NCD, we propose an anomaly-based procedure for identifying web attacks from web logs. Given a web query as stored in a security log, a NCD-based feature vector is created and classified using a support vector machine. The method is tested using the CSIC-2010 data set, and the results are analyzed with respect to similar proposals.Author's Profile
My notes
Similar books and articles
Hybrid Weighted K-Means Clustering and Artificial Neural Network for an Anomaly-Based Network Intrusion Detection System.Devara Vasumathi & Rafath Samrin - 2018 - Journal of Intelligent Systems 27 (2):135-147.
A Critical Analysis on the Security Architectures of Internet of Things: The Road Ahead.Vivek V. Jog & T. Senthil Murugan - 2018 - Journal of Intelligent Systems 27 (2):149-162.
Dynamic Traffic Congestion Simulation and Dissipation Control Based on Traffic Flow Theory Model and Neural Network Data Calibration Algorithm.Li Wang, Shimin Lin, Jingfeng Yang, Nanfeng Zhang, Ji Yang, Yong Li, Handong Zhou, Feng Yang & Zhifu Li - 2017 - Complexity:1-11.
Image Compression Based on Block SVD Power Method.Khalid El Asnaoui - 2019 - Journal of Intelligent Systems 29 (1):1345-1359.
Application of Normalized Compression Distance and Lempel-Ziv Jaccard Distance in Micro-electrode Signal Stream Classification for the Surgical Treatment of Parkinson’s Disease.Kamil Ząbkiewicz - 2018 - Studies in Logic, Grammar and Rhetoric 56 (1):45-57.
A roadmap towards improving managed security services from a privacy perspective.Nils Ulltveit-Moe - 2014 - Ethics and Information Technology 16 (3):227-240.
Intelligent SDN based traffic Aggregation and Measurement Paradigm.M. Malboubi, L. Wang, C. N. Chuah & P. Sharma - unknown
Time series forecasting with model selection applied to anomaly detection in network traffic.Łukasz Saganowski & Tomasz Andrysiak - 2020 - Logic Journal of the IGPL 28 (4):531-545.
Adaptive Shadow and Highlight Invariant Colour Segmentation for Traffic Sign Recognition Based on Kohonen SOM.Al-Hasanat R. M. Bin Mumtaz & Hasan Fleyeh - 2011 - Journal of Intelligent Systems 20 (1):15-31.
Eigen Based Traffic Sign Recognition Which Aids In Achieving Intelligent Speed Adaptation.Erfan Davami & Hasan Fleyeh - 2011 - Journal of Intelligent Systems 20 (2):129-145.
The Application of the Acoustic Complexity Indices (ACI) to Ecoacoustic Event Detection and Identification (EEDI) Modeling.A. Farina, N. Pieretti, P. Salutari, E. Tognari & A. Lombardi - 2016 - Biosemiotics 9 (2):227-246.
An ethical assessment model for digital disease detection technologies.Kerstin Denecke - 2017 - Life Sciences, Society and Policy 13 (1):1-11.
Deep packet inspection for intelligent intrusion detection in software-defined industrial networks: A proof of concept.Markel Sainz, Iñaki Garitano, Mikel Iturbe & Urko Zurutuza - 2020 - Logic Journal of the IGPL 28 (4):461-472.
WNN-Based Prediction of Security Situation Awareness for the Civil Aviation Network.Zhijun Wu, Shaopu Ma & Lan Ma - 2015 - Journal of Intelligent Systems 24 (1):55-67.
Measurement of vessel traffic service operator performance.E. Wiersma & N. Mastenbroek - 1998 - AI and Society 12 (1-2):78-86.
Analytics
Added to PP
2020-08-02
Downloads
18 (#837,580)
6 months
6 (#530,399)
2020-08-02
Downloads
18 (#837,580)
6 months
6 (#530,399)
Historical graph of downloads
Author's Profile
Citations of this work
On directional accuracy of some methods to forecast time series of cybersecurity aggregates.Miguel V. Carriegos, Ramón Ángel Fernández Díaz, M. T. Trobajo & Diego Asterio De Zaballa - 2022 - Logic Journal of the IGPL 30 (6):954-964.
References found in this work
No Free Lunch Theorems for Optimization.D. H. Wolpert & W. G. Macready - 1997 - IEEE Transactions on Evolutionary Computation 1 (1):67–82.
PhilPapers logo by Andrea Andrews and Meghan Driscoll.
This site uses cookies and Google Analytics (see our terms & conditions for details regarding the privacy implications). Use of this site is subject to terms & conditions.
All rights reserved by The PhilPapers Foundation
Server: philpapers-web-5ff6c685cb-rskd8 uwo