Ezeife et al., 2008 - Google Patents
SensorWebIDS: a web mining intrusion detection system
Ezeife et al., 2008
- Document ID
- 14530562233334492520
- Author
- Ezeife C
- Dong J
- Aggarwal A
- Publication year
- Publication venue
- International Journal of Web Information Systems
Snippet
Purpose – The purpose of this paper is to propose a web intrusion detection system (IDS), SensorWebIDS, which applies data mining, anomaly and misuse intrusion detection on web environment. Design/methodology/approach – SensorWebIDS has three main components …
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1483—Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
- H04L63/0218—Distributed architectures, e.g. distributed firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2463/00—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
- H04L2463/141—Denial of service attacks against endpoints in a network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/30—Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to network resources
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Agarwal et al. | | A closer look at intrusion detection system for web applications |
Davis et al. | | Data preprocessing for anomaly based network intrusion detection: A review |
US9055093B2 (en) | | Method, system and computer program product for detecting at least one of security threats and undesirable computer files |
Kartaltepe et al. | | Social network-based botnet command-and-control: emerging threats and countermeasures |
Pilli et al. | | Network forensic frameworks: Survey and research challenges |
Ghorbani et al. | | Network intrusion detection and prevention: concepts and techniques |
US8997236B2 (en) | | System, method and computer readable medium for evaluating a security characteristic |
US11632393B2 (en) | | Detecting and mitigating malware by evaluating HTTP errors |
Baykara et al. | | A novel hybrid approach for detection of web-based attacks in intrusion detection systems |
Ezeife et al. | | SensorWebIDS: a web mining intrusion detection system |
Xiong et al. | | User-assisted host-based detection of outbound malware traffic |
Razzaq et al. | | Ontology based application level intrusion detection system by using bayesian filter |
Auxilia et al. | | Anomaly detection using negative security model in web application |
Zheng et al. | | A network state based intrusion detection model |
Wu et al. | | A novel approach to trojan horse detection by process tracing |
Jogdand et al. | | Survey of different IDS using honeytoken based techniques to mitigate cyber threats |
Bux et al. | | Detection of malicious servers for preventing client-side attacks |
Hsiao et al. | | Detecting stepping‐stone intrusion using association rule mining |
Çelik et al. | | Detection of trickbot and emotet banking trojans with machine learning |
Helmer | | Intelligent multi-agent system for intrusion detection and countermeasures |
Hatada et al. | | Finding new varieties of malware with the classification of network behavior |
Cui | | Automating malware detection by inferring intent |
Oluwaferanmi | | Association Rule Mining and Graph-Based Models for Early Detection of Wi-Fi Based Man-in-the-Middle Phishing Attacks |
do Nascimento | | Anomaly detection of web-based attacks |
Kaur et al. | | A proactive framework for automatic detection of zero-day HTTP attacks on educational institutions |