Title: Distress detection (poster abstract)
Authors: Vella, Mark Joseph; Terzis, Sotirios; Roper, Marc
Keywords: Computer networks -- Security measures; Computer security; Web servers -- Security measures; Computer crimes
Issue Date: 2012
Publisher: Springer
Citation: Vella, M., Terzis, S., & Roper, M. (2012, September). Distress detection. International Workshop on Recent Advances in Intrusion Detection, Germany. 384-385.
Abstract: Web attacks are a major security concern as novel attacks can be easily created by exploiting different vulnerabilities, using different attack payloads, and/or encodings (obfuscation). Intrusion detection systems (IDS) aim to correctly detect attacks. There are two main approaches to intrusion detection: misuse and anomaly detection. Despite the difference in approach, they both fail to offer adequate resilience to novel attacks due to the difficulty in generalizing beyond known attack or normal behavior. Distress Detection. The aim of distress detection (DD) is to address this problem and to provide resilience to novel attacks by generalizing beyond known attacks while controlling the false positives (FP) rate. In order to achieve this, DD combines attack generalization based on attacker objectives, dynamic analysis techniques for the definition of suspicious behavior signatures, and feature-based correlation of suspicious HTTP requests and system events.
Appears in Collections: Scholarly Works - FacICTCS

Items in OAR@UM are protected by copyright, with all rights reserved, unless otherwise indicated.