• DocumentCode
    2361495
  • Title

    Anomaly-based intrusion detection in software as a service

  • Author

    Nascimento, Gustavo ; Correia, Miguel

  • Author_Institution
    Portugal Telecom, Portugal
  • fYear
    2011
  • fDate
    27-30 June 2011
  • Firstpage
    19
  • Lastpage
    24
  • Abstract
    Anomaly-based intrusion detection systems (IDS) have the ability of detecting previously unknown attacks, which is important since new vulnerabilities and attacks are constantly appearing. Software as a service web applications are currently much targeted by attacks, so they are an obvious application for such IDSs. The paper presents a study of the use of anomaly-based IDSs with data from a production environment hosting a web application of large dimensions. It describes how challenges like processing a large number of requests and obtaining training data without attacks were solved. It also presents an evaluation comparing the accuracy obtained with the different types of models that were used to represent normal behavior.
  • Keywords
    cloud computing; security of data; Web applications; anomaly based intrusion detection; software as a service; Accuracy; Data models; Intrusion detection; Markov processes; Software; Training; Training data;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Dependable Systems and Networks Workshops (DSN-W), 2011 IEEE/IFIP 41st International Conference on
  • Conference_Location
    Hong Kong
  • Print_ISBN
    978-1-4577-0374-4
  • Electronic_ISBN
    978-1-4577-0373-7
  • Type

    conf

  • DOI
    10.1109/DSNW.2011.5958858
  • Filename
    5958858
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2361495