A two-tier system for web attack detection using linear discriminant method

Zhiyuan Tan*, Aruna Jamdagni, Xiangjian He, Priyadarsi Nanda, Ren Ping Liu, Wenjing Jia, Wei Chang Yeh

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference proceeding contributionpeer-review

5 Citations (Scopus)

Abstract

Computational cost is one of the major concerns of the commercial Intrusion Detection Systems (IDSs). Although these systems are proven to be promising in detecting network attacks, they need to check all the signatures to identify a suspicious attack in the worst case. This is time consuming. This paper proposes an efficient two-tier IDS, which applies a statistical signature approach and a Linear Discriminant Method (LDM) for the detection of various Web-based attacks. The two-tier system converts high-dimensional feature space into a low-dimensional feature space. It is able to reduce the computational cost and integrates groups of signatures into an identical signature. The integration of signatures reduces the cost of attack identification. The final decision is made on the integrated low-dimensional feature space. Finally, the proposed two-tier system is evaluated using DARPA 1999 IDS dataset for webbased attack detection.

Original languageEnglish
Title of host publicationInformation and Communications Security - 12th International Conference, ICICS 2010, Proceedings
Place of PublicationBerlin
PublisherSpringer, Springer Nature
Pages459-471
Number of pages13
Volume6476 LNCS
ISBN (Print)3642176496, 9783642176494
DOIs
Publication statusPublished - 2010
Externally publishedYes
Event2010 International Conference on Information and Communications Security, ICICS 2010 - Barcelona, Spain
Duration: 15 Dec 201017 Dec 2010

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume6476 LNCS
ISSN (Print)03029743
ISSN (Electronic)16113349

Other

Other2010 International Conference on Information and Communications Security, ICICS 2010
Country/TerritorySpain
CityBarcelona
Period15/12/1017/12/10

Keywords

  • Feature selection
  • Intrusion detection
  • Linear discriminant method
  • Packet payload
  • Web-based attack

Fingerprint

Dive into the research topics of 'A two-tier system for web attack detection using linear discriminant method'. Together they form a unique fingerprint.

Cite this