Detecting Web-Based Attacks by Machine Learning

Author

Cao, Lai-cheng

Author_Institution

Sch. of Comput. & Commun., Lanzhou Univ.

fYear

2006

fDate

13-16 Aug. 2006

Firstpage

2737

Lastpage

2742

Abstract

Web-based vulnerabilities represent a substantial portion of the security exposures of computer networks. Unfortunately, many anomaly Web-based intrusion detection systems (IDS) take on higher false alarm rate (FAR) and false negative rate (FNR). In this paper, we build this system using Adaboost, a prevailing machine learning algorithm, and its detecting model adopts a dynamic load-balancing algorithm, which can avoid packet loss and false negatives in high-performance Web severs with handling heavy traffic loads in real-time and can enhance the efficiency of detecting work. The experiments demonstrate that our system can achieve an especially low false positive rate (approximating 0.3%) and false negative rate (approaching 0.4%) while keeping an extremely low computational complexity

Keywords

Internet; computational complexity; learning (artificial intelligence); resource allocation; security of data; FAR; FNR; Web severs; Web-based attack detection; Web-based intrusion detection system; computational complexity; computer networks; dynamic load-balancing algorithm; false alarm rate; false negative rate; machine learning algorithm; Computational complexity; Computer networks; Cybernetics; Entropy; Intrusion detection; Machine learning; Machine learning algorithms; Real time systems; Support vector machines; Telecommunication traffic; Web server; Intrusion detection systems (IDS); false alarm rate (FAR); false negative rate (FNR); machine learning;

fLanguage

English

Publisher

ieee

Conference_Titel

Machine Learning and Cybernetics, 2006 International Conference on

Conference_Location

Dalian, China

Print_ISBN

1-4244-0061-9

Type

conf

DOI

10.1109/ICMLC.2006.258990

Filename

4028526