Effective Dimensionality Reduction of Payload-Based Anomaly Detection in TMAD Model for HTTP Payload |
Kakavand, Mohsen
(Faculty of Computer Science and Information Technology, Universiti Putra Malaysia)
Mustapha, Norwati (Faculty of Computer Science and Information Technology, Universiti Putra Malaysia) Mustapha, Aida (Faculty of Computer Science and Information Technology, Universiti Tun Hussein Onn Malaysia) Abdullah, Mohd Taufik (Faculty of Computer Science and Information Technology, Universiti Putra Malaysia) |
1 | M. Conti, N. Dragoni, and V. Lesyk, "A Survey of Man In The Middle Attacks," IEEE Commun. Surv. Tutorials, no. 99, pp. 1-1, 2016. Article (CrossRef Link) |
2 | M. Kakavand, N. Mustapha, A. Mustapha, M. T. Abdullah, and H. Riahi, "Issues and Challenges in Anomaly Intrusion Detection for HTTP Web Services," J. Comput. Sci., vol. 11, no. 11, pp. 1041-1053, 2015. Article (CrossRef Link) DOI |
3 | GReAT, "Kaspersky Lab report: Evaluating the Threat Level of Software Vulnerabilities" Kaspersky Labs' Global Research & Analysis Team, [Online]. Available: http://www.kaspersky.com. [Accessed: 01-Jan-2013]. Article (CrossRef Link) |
4 | V. Chandola, A. Banerjee, and V. Kumar, "Anomaly Detection: A Survey," ACM Comput. Surv., vol. 41, no. 3, pp. 1-58, Jul. 2009. Article (CrossRef Link) DOI |
5 | Y. Yu, "A Survey of Anomaly Intrusion Detection Techniques," J. Comput. Sci. Coll., vol. 28, no. 1, pp. 9-17, 2012. Article (CrossRef Link) |
6 | M. Conti, L. V. Mancini, R. Spolaor, and N. V. Verde, "Analyzing Android Encrypted Network Traffic to Identify User Actions," IEEE Trans. Inf. Forensics Secur., vol. 11, no. 1, pp. 114-125, 2016. Article (CrossRef Link) DOI |
7 | C. Kruegel, T. Toth, and E. Kirda, "Service Specific Anomaly Detection for Network Intrusion Detection," in Proc. of ACM symposium on Applied computing, pp. 201-208, 2002. Article (CrossRef Link) |
8 | K. Wang, J. J. Parekh, and S. J. Stolfo, "Anagram : A Content Anomaly Detector Resistant to Mimicry Attack," Speinger,Computer Sci., vol. 4219, pp. 226-248, 2006. Article (CrossRef Link) |
9 | R. Perdisci, D. Ariu, P. Fogla, G. Giacinto, and W. Lee, "McPAD : A Multiple Classifier System for Accurate Payload-based Anomaly Detection," Elsevier Sci. Comput. Networks, vol. 5, no. 6, pp. 864-881, 2009. Article (CrossRef Link) DOI |
10 | Z. Tan, A. Jamdagni, X. He, and P. Nanda, "Network Intrusion Detection based on LDA for Payload Feature Selection," in Proc. of IEEE Globecom Workshops, pp. 1545-1549, 2010. Article (CrossRef Link) |
11 | W. Wang and R. Battiti, "Identifying Intrusions in Computer Networks based on Principal Component Analysis," in Proc. of the First International Conference on Availability, Reliability and Security, no. DIT-05-084, pp. 270-79, 2006. Article (CrossRef Link) |
12 | J. Zhu, H. Wang, and X. Zhang, "Discrimination-Based Feature Selection for Multinomial Naïve Bayes Text Classification," in Proc. of 21st Int. Conf. ICCPOL, Singapore, December 17-19. Proc., vol. 4285, pp. 149-156, 2006. Article (CrossRef Link) |
13 | C. Kruegel and G. Vigna, "Stateful Intrusion Detection for High-Speed Networks," Press. IEEE Symp. Secur. Priv., pp. 258-293, 2002. Article (CrossRef Link) |
14 | A. Juvonen and T. Hamalainen, "An Efficient Network Log Anomaly Detection System Using Random Projection Dimensionality Reduction," in Proc. of 6th Int. Conf. New Technol. Mobil. Secur., pp. 1-5, 2014. Article (CrossRef Link) |
15 | M. Kakavand, N. Mustapha, A. Mustapha, and M. T. Abdullah, "A Text Mining-Based Anomaly Detection Model in Network Security," Glob. J. Comput. Sci. Technol., vol. GJCST 201, no. 5, pp. 23-31, 2015. Article (CrossRef Link) |
16 | F. S. Tsai, "Dimensionality Reduction Techniques for Blog Visualization," Expert Syst. Appl., vol. 38, no. 3, pp. 2766-2773, Mar. 2011. Article (CrossRef Link) DOI |
17 | D. Yang and H. Qi, "A network Intrusion Detection Method Using Independent Component Analysis," in Proc. of 19th Int. Conf. Pattern Recognit., pp. 1-4, Dec. 2008. Article (CrossRef Link) |
18 | V. a. Golovko, L. U. Vaitsekhovich, P. a. Kochurko, and U. S. Rubanau, "Dimensionality Reduction and Attack Recognition using Neural Network Approaches," Int. Jt. Conf. Neural Networks, pp. 2734-2739, Aug. 2007. Article (CrossRef Link) |
19 | Y. Chen, Y. Li, X. Cheng, and L. Guo, "Survey and Taxonomy of Feature Selection Algorithms in Intrusion Detection System," Springer, Comput. Sci., vol. 4318, pp. 153-167, 2006. Article (CrossRef Link) |
20 | S. Singh and S. Silakari, "Generalized Discriminant Analysis Algorithm for Feature Reduction in Cyber," Int. J. Comput. Sci. Inf. Secur., vol. 6, no. 1, pp. 173-180, 2009. Article (CrossRef Link) |
21 | K. S. Telangre and P. S. B. Sarkar, "Anomaly Detection Using Multidimensional Reduction Principal Component Analysis," IOSR J. Comput. Eng., vol. 16, no. 1, pp. 86-90, 2014. Article (CrossRef Link) DOI |
22 | Y. J. Lee, Y. R. Yeh, and Y. C. F. Wang, "Anomaly Detection via Online Oversampling Principal Component Analysis," Knowl. Data Eng. IEEE Trans., vol. 25, no. 7, pp. 1460-1470, 2013. Article (CrossRef Link) DOI |
23 | F. Angiulli, L. Argento, and A. Furfaro, "PCkAD: An Unsupervised Intrusion Detection Technique Exploiting within Payload n-gram Location Distribution," Cryptogr. Secur., pp. 1-6, 2014. Article (CrossRef Link) |
24 | A. Juvonen, T. Sipola, and T. Hamalainen, "Online Anomaly Detection Using Dimensionality Reduction Techniques for HTTP Log Analysis," Comput. Networks, vol. 91, pp. 46-56, 2015. Article (CrossRef Link) DOI |
25 | I. Jolliffe, "Principle Component Analysis," Wiley Online Libr., 2005. Article (CrossRef Link) |
26 | A. R. Webb, Statistical Pattern Recognition, Second., vol. 35, no. 1. John Wiley & Sons, Ltd, 2002. Article (CrossRef Link) |
27 | I. S. Dhillon, S. Mallela, and D. S. Modha, "Information-heoretic Co-clustering," in Proc. of ninth ACM SIGKDD Int. Conf. Knowl. Discov. data Min. KDD 03, vol. 32, no. 3, p. 89, 2003. Article (CrossRef Link) |
28 | J. Mchugh, "Testing Intrusion Detection Systems : A Critique of the 1998 and 1999 DARPA Intrusion Detection System Evaluations as Performed by Lincoln Laboratory," ACM Trans. Inf. Syst. Secur., vol. 3, no. 4, pp. 262-294, 2001. Article (CrossRef Link) DOI |
29 | A. M. Martinez and A. C. Kak, "PCA versus LDA," Pattern Anal. Mach. Intell. IEEE Trans., vol. 23, no. 2, pp. 228-233, 2001. Article (CrossRef Link) DOI |
30 | S. C. Madeira and A. L. Oliveira, "Biclustering Algorithms for Biological Data Analysis: A Survey," IEEE/ACM Trans. Comput. Biol. Bioinforma., vol. 1, no. 1, pp. 24-45, 2004. Article (CrossRef Link) DOI |
31 | A. Banerjee, C. Krumpelman, J. Ghosh, S. Basu, and R. J. Mooney, "Model-based Overlapping Clustering," in Proc. of the eleventh ACM SIGKDD international conference on Knowledge discovery in data mining - KDD '05, no. August, pp. 532-537, 2005. Article (CrossRef Link) |
32 | F. P. F. Pan, X. Z. X. Zhang, and W. W. W. Wang, "A General Framework for Fast Co-clustering on Large Datasets Using Matrix Decomposition," in Proc. of IEEE 24th International Conference on Data Engineering, vol. 0, pp. 1337-1339, 2008. Article (CrossRef Link) |
33 | A. Shiravi, H. Shiravi, M. Tavallaee, and A. a. Ghorbani, "Toward Developing a Systematic Approach to Generate Benchmark Datasets for Intrusion Detection," Comput. Secur. Elsevier, vol. 31, no. 3, pp. 357-374, May 2012. Article (CrossRef Link) DOI |
34 | R. Lippmann, J. W. Haines, D. J. Fried, J. Korba, and K. Das, "The 1999 DARPA Off-line Intrusion Detection Evaluation," Comput. Networks, vol. 34, no. 4, pp. 579-595, 2000. Article (CrossRef Link) DOI |
35 | R. Banchs, Text Mining with MATLAB. New York, NY: Springer New York, 2013. Article (CrossRef Link) |
36 | K. Wang and S. J. Stolfo, "Anomalous Payload-based Network Intrusion Detection," Springer Berlin Heidelberg, in Proc. of 7th Int. Symp. RAID, Sophia Antipolis, Fr. Sept. 15 - 17, vol. 3224, p. pp 203-222, 2004. Article (CrossRef Link) |
37 | A. Srivastava and M. Sahami, Text Mining, Classification, Clustering, and Aapplications. Taylor & Francis Group, 2009. Article (CrossRef Link) |
38 | A. Hotho, N. Andreas, G. Paaß, and S. Augustin, "A Brief Survey of Text Mining," LDV Forum - Gld. J. Comput. Linguist. Lang. Technol., pp. 1-37, 2005. Article (CrossRef Link) |
39 | C. E. Lance and R. J. Vandenberg, Statistical and Methodological Myths and Urban Legends: Doctrine, Verity and Fable in Organizational and Social Sciences. Taylor & Francis Group, 2009. Article (CrossRef Link) |
40 | R. Cangelosi and A. Goriely, "Component Retention in Principal Component Analysis with Application to cDNA Microarray data," Biol. Direct, vol. 2, pp. 1-21, Jan. 2007. Article (CrossRef Link) DOI |