Journal
Scientific and Technical Journal of Information Technologies, Mechanics and Optics
UDK
Issue:2 (102)
Download PDF0 Kbyte
INVESTIGATION OF NEURAL NETWORK ALGORITHM FOR DETECTION OF NETWORK HOST ANOMALIES IN THE AUTOMATED SEARCH FOR XSS VULNERABILITIES AND SQL INJECTIONS
Annotation
A problem of aberrant behavior detection for network communicating computer is discussed. A novel approach based on dynamic response of computer is introduced. The computer is suggested as a multiple-input multiple-output (MIMO) plant. To characterize dynamic response of the computer on incoming requests a correlation between input data rate and observed output response (outgoing data rate and performance metrics) is used. To distinguish normal and aberrant behavior of the computer one-class neural network classifieris used. General idea of the algorithm is shortly described. Configuration of network testbed for experiments with real attacks and their detection is presented (the automated search for XSS and SQL injections). Real found-XSS and SQL injection attack software was used to model the intrusion scenario. It would be expectable that aberrant behavior of the server will reveal itself by some instantaneous correlation response which will be significantly different from any of normal ones. It is evident that correlation picture of attacks from different malware running, the site homepage overriding on the server (so called defacing), hardware and software failures will differ from correlation picture of normal functioning. Intrusion detection algorithm is investigated to estimate false positive and false negative rates in relation to algorithm parameters. The importance of correlation width value and threshold value selection was emphasized. False positive rate was estimated along the time series of experimental data. Some ideas about enhancement of the algorithm quality and robustness were mentioned.
Keywords
Постоянный URL
Articles in current issue
- TRENDS IN THE DEVELOPMENT OF DETONATION ENGINES FOR HIGH-SPEED AEROSPACE AIRCRAFTS AND THE PROBLEM OF TRIPLE CONFIGURATIONS OF SHOCK WAVES. Part II - Research of counterpropagating shock waves and triple shock wave configurations
- CONCENTRIC LENS SYSTEMS
- EVALUATION OF CHROMATICITY COORDINATES SHIFT FOR IMAGE DISPLAYED ON LIQUID CRYSTAL PANELS WITH VARIOUS PROPERTIES ON COLOR REPRODUCTION
- DESIGNING FEATURES OF POWER OPTICAL UNITS FOR TECHNOLOGICAL EQUIPMENT
- APPLICATION OF THE LONGITUDINAL CHROMATIC ABERRATION EFFECT FOR DISTANCES MEASUREMENT ON THE BASIS OF A SINGLE PHOTO
- ANALYSIS OF CAMOUFLAGE COVER SPECTRAL CHARACTERISTICS BY IMAGING SPECTROMETER
- RESEARCH OF THERMO-OPTICAL INHOMOGENEITIES IN Yb-Er GLASS AT DIODE PUMPING
- OPTICAL PROPERTIES OF CARBAMIDE AQUEOUS SOLUTIONS
- FIRE-RESISTANCE PROPERTIES RESEARCH OF “WATER GLASS - GRAPHITE MICROPARTICLES” COMPOSITE MATERIAL
- SEMI-AUTOMATIC SPEAKER VERIFICATION SYSTEM
- COMPUTATIONALLY EFFICIENT PRIVATE INFORMATION RETRIEVAL PROTOCOL
- FORENSIC LINGUISTICS: AUTOMATIC WEB AUTHOR IDENTIFICATION
- DEVELOPMENT AND TESTING OF ERRORS CORRECTION ALGORITHM IN ELECTRONIC DESIGN AUTOMATION
- EFFICIENCY OF REDUNDANT QUERY EXECUTION IN MULTI-CHANNEL SERVICE SYSTEMS
- INVESTIGATION OF NEURAL NETWORK ALGORITHM FOR DETECTION OF NETWORK HOST ANOMALIES IN THE AUTOMATED SEARCH FOR XSS VULNERABILITIES AND SQL INJECTIONS
- EVALUATION OF SEMANTIC SIMILARITY FOR SENTENCES IN NATURAL LANGUAGE BY MATHEMATICAL STATISTICS METHODS
- INVESTIGATION OF INFLUENCE OF ENCODING FUNCTION COMPLEXITY ON DISTRIBUTION OF ERROR MASKING PROBABILITY
- IMPROVEMENT OF REFERENCE BASE IN THE FIELD OF METROLOGICAL ASSURANCE OF THREAD JOINTS
- MICROCLIMATE CARTOGRAPHY USING DATA FROM THE EARTH REMOTE SENSING AND SIMULATION OF THERMAL FIELDS
- NUMERICAL SIMULATION OF SHOCK WAVE DIFFRACTION OVER RIGHT ANGLE ON UNSTRUCTURED MESHES
- MODELING OF RAIL BAR DYNAMIC GAP AT ITS BREAK FOR DIFFERENT STIFFNESS VALUES OF RAIL BASE
- ALGEBRAIC PROPERTIES OF MATRIX COMPONENTS OF CONTROL PLANT MODELS IN PLACEMENT STATE MATRIX MODES OF SYSTEM ALGORITHMS FOR DESIGNED SYSTEM
- ANTIREFLECTION MULTILAYER COATINGS WITH THIN METAL LAYERS
- TWO-STEP ALGORITHM OF TRAINING INITIALIZATION FOR ACOUSTIC MODELS BASED ON DEEP NEURAL NETWORKS
- ON THE POSSIBILITY OF BURNING ACCELERATION IN THE COMBUSTION CHAMBERS OF ADVANCED JET ENGINES BY DEEPLY SUBCRITICAL MICROWAVE DISCHARGE