Title :
Modeling Unknown Web Attacks in Network Anomaly Detection
Author_Institution :
Comput. Eng. Dept., Shenzhen Polytech., Shenzhen
Abstract :
Due to the unknown Web attacks are hardly be detected and the early warning and response mechanism cannot be established, many of intrusion detection systems (IDSs) are only effective in detecting known Web attacks and cannot evaluate the risk of Web service. In order to conquer these limitations and inspired by immune principles, this paper presents an immune-based active defense model for Web attacks which is on the basis of the clone selection and hyper-mutation. Therefore, the immune learning algorithm and the attack detection mechanism are given. The risk of Web attacks is quantitatively analyzed on the relationship between the antibody concentration and the state of an illness in biological immune system (BIS). Theoretical analysis and experimental evaluation demonstrate that the model is more suitable for detecting unknown attacks, and provides an active defense mechanism for detecting network anomalies.
Keywords :
Web services; learning (artificial intelligence); security of data; Web service; attack detection mechanism; biological immune system; clone selection; early warning mechanism; hyper mutation; immune learning algorithm; immune-based active defense model; intrusion detection system; network anomaly detection; response mechanism; unknown Web attacks; Biological system modeling; Cloning; Computer networks; Immune system; Information technology; Intrusion detection; Performance analysis; Risk analysis; Web server; Web services;
Conference_Titel :
Convergence and Hybrid Information Technology, 2008. ICCIT '08. Third International Conference on
Conference_Location :
Busan
Print_ISBN :
978-0-7695-3407-7
DOI :
10.1109/ICCIT.2008.151
