Applying Autonomic Intrusion Detection on Web Applications

Detalhes bibliográficos
Autor(a) principal: Ferreira, Eduardo Alves
Data de Publicação: 2012
Outros Autores: de Mello, Rodrigo Fernandes
Tipo de documento: Artigo
Idioma: eng
Título da fonte: INFOCOMP: Jornal de Ciência da Computação
Texto Completo: https://infocomp.dcc.ufla.br/index.php/infocomp/article/view/347
Resumo: The characterization of system behavior is a commonly considered approach when performing intrusion detection. Such approach is limited when the observed context is unstructured, that is, contextcharacterization is not a trivial task. In order to tackle this issue, this paper considers the use of singlepass clustering techniques to quantize unstructured data, generating time series where novelty detection techniques can be employed to detect intrusion incidents. We evaluate this approach using public system characterization data sets, and the outputs of a web application in a simulated environment. Weobserved that our approach is capable of aggregating context information into time series in order to represent the behavior of applications with fairly enough precision to detect attacks.
id UFLA-5_e5a4f501deb1e6f586019b843191ecb4
oai_identifier_str oai:infocomp.dcc.ufla.br:article/347
network_acronym_str UFLA-5
network_name_str INFOCOMP: Jornal de Ciência da Computação
repository_id_str
spelling Applying Autonomic Intrusion Detection on Web ApplicationsIntrusion detectionWeb applicationsThe characterization of system behavior is a commonly considered approach when performing intrusion detection. Such approach is limited when the observed context is unstructured, that is, contextcharacterization is not a trivial task. In order to tackle this issue, this paper considers the use of singlepass clustering techniques to quantize unstructured data, generating time series where novelty detection techniques can be employed to detect intrusion incidents. We evaluate this approach using public system characterization data sets, and the outputs of a web application in a simulated environment. Weobserved that our approach is capable of aggregating context information into time series in order to represent the behavior of applications with fairly enough precision to detect attacks.Editora da UFLA2012-03-01info:eu-repo/semantics/articleinfo:eu-repo/semantics/publishedVersionapplication/pdfhttps://infocomp.dcc.ufla.br/index.php/infocomp/article/view/347INFOCOMP Journal of Computer Science; Vol. 11 No. 1 (2012): March, 2012; 13-211982-33631807-4545reponame:INFOCOMP: Jornal de Ciência da Computaçãoinstname:Universidade Federal de Lavras (UFLA)instacron:UFLAenghttps://infocomp.dcc.ufla.br/index.php/infocomp/article/view/347/331Copyright (c) 2016 INFOCOMP Journal of Computer Scienceinfo:eu-repo/semantics/openAccessFerreira, Eduardo Alvesde Mello, Rodrigo Fernandes2015-07-29T12:29:09Zoai:infocomp.dcc.ufla.br:article/347Revistahttps://infocomp.dcc.ufla.br/index.php/infocompPUBhttps://infocomp.dcc.ufla.br/index.php/infocomp/oaiinfocomp@dcc.ufla.br||apfreire@dcc.ufla.br1982-33631807-4545opendoar:2024-05-21T19:54:33.353070INFOCOMP: Jornal de Ciência da Computação - Universidade Federal de Lavras (UFLA)true
dc.title.none.fl_str_mv Applying Autonomic Intrusion Detection on Web Applications
title Applying Autonomic Intrusion Detection on Web Applications
spellingShingle Applying Autonomic Intrusion Detection on Web Applications
Ferreira, Eduardo Alves
Intrusion detection
Web applications
title_short Applying Autonomic Intrusion Detection on Web Applications
title_full Applying Autonomic Intrusion Detection on Web Applications
title_fullStr Applying Autonomic Intrusion Detection on Web Applications
title_full_unstemmed Applying Autonomic Intrusion Detection on Web Applications
title_sort Applying Autonomic Intrusion Detection on Web Applications
author Ferreira, Eduardo Alves
author_facet Ferreira, Eduardo Alves
de Mello, Rodrigo Fernandes
author_role author
author2 de Mello, Rodrigo Fernandes
author2_role author
dc.contributor.author.fl_str_mv Ferreira, Eduardo Alves
de Mello, Rodrigo Fernandes
dc.subject.por.fl_str_mv Intrusion detection
Web applications
topic Intrusion detection
Web applications
description The characterization of system behavior is a commonly considered approach when performing intrusion detection. Such approach is limited when the observed context is unstructured, that is, contextcharacterization is not a trivial task. In order to tackle this issue, this paper considers the use of singlepass clustering techniques to quantize unstructured data, generating time series where novelty detection techniques can be employed to detect intrusion incidents. We evaluate this approach using public system characterization data sets, and the outputs of a web application in a simulated environment. Weobserved that our approach is capable of aggregating context information into time series in order to represent the behavior of applications with fairly enough precision to detect attacks.
publishDate 2012
dc.date.none.fl_str_mv 2012-03-01
dc.type.driver.fl_str_mv info:eu-repo/semantics/article
info:eu-repo/semantics/publishedVersion
format article
status_str publishedVersion
dc.identifier.uri.fl_str_mv https://infocomp.dcc.ufla.br/index.php/infocomp/article/view/347
url https://infocomp.dcc.ufla.br/index.php/infocomp/article/view/347
dc.language.iso.fl_str_mv eng
language eng
dc.relation.none.fl_str_mv https://infocomp.dcc.ufla.br/index.php/infocomp/article/view/347/331
dc.rights.driver.fl_str_mv Copyright (c) 2016 INFOCOMP Journal of Computer Science
info:eu-repo/semantics/openAccess
rights_invalid_str_mv Copyright (c) 2016 INFOCOMP Journal of Computer Science
eu_rights_str_mv openAccess
dc.format.none.fl_str_mv application/pdf
dc.publisher.none.fl_str_mv Editora da UFLA
publisher.none.fl_str_mv Editora da UFLA
dc.source.none.fl_str_mv INFOCOMP Journal of Computer Science; Vol. 11 No. 1 (2012): March, 2012; 13-21
1982-3363
1807-4545
reponame:INFOCOMP: Jornal de Ciência da Computação
instname:Universidade Federal de Lavras (UFLA)
instacron:UFLA
instname_str Universidade Federal de Lavras (UFLA)
instacron_str UFLA
institution UFLA
reponame_str INFOCOMP: Jornal de Ciência da Computação
collection INFOCOMP: Jornal de Ciência da Computação
repository.name.fl_str_mv INFOCOMP: Jornal de Ciência da Computação - Universidade Federal de Lavras (UFLA)
repository.mail.fl_str_mv infocomp@dcc.ufla.br||apfreire@dcc.ufla.br
_version_ 1799874741394210816