Abiola Abimbola
Investigating false positive reduction in HTTP via procedure analysis.
Abimbola, Abiola; Munoz, Jose; Buchanan, William J
Abstract
This paper focuses on high false-positive rate of attacks. First, the merits and demerits of research work in curbing false positive rate of attacks in intrusion detection systems (IDSs) are discussed. Then we present our research efforts in the form of an IDS called NetHost-Sensor, recap on past NetHost-Sensor research contributions and discusses in detail its novel procedure analysis technique in curbing false-positive. We discuss in detail, the NetHost-Sensor methodology, its procedure analysis technique and report on our experimental investigation that shows the reduction of false-positives, using HTTP network communication as a medium for analysis. Finally, we validate our research work by comparing false-positives with Snort IDS
| Conference Name | IEEE International Conference on Networking and Services (ICNS 2006) |
|---|---|
| Start Date | Jul 16, 2006 |
| End Date | Jul 18, 2006 |
| Publication Date | Jul 16, 2006 |
| Deposit Date | Jun 2, 2008 |
| Publicly Available Date | Jun 2, 2008 |
| Peer Reviewed | Peer Reviewed |
| Pages | 87-87 |
| DOI | https://doi.org/10.1109/ICNS.2006.65 |
| Keywords | Computer systems; System security; Network monitoring; Intrusion identification systems; Pattern recognition; NetHost-sensor; Performance; |
| Public URL | http://researchrepository.napier.ac.uk/id/eprint/1835 |
| Contract Date | Jun 2, 2008 |
Files
01690558[1].pdf
(139 Kb)
PDF
Publisher Licence URL
http://creativecommons.org/licenses/by-nc/4.0/
You might also like
NetHost-sensor: Monitoring a target host's application via system calls
(2006)
Journal Article
NetHost-Sensor: Investigating the capture of end-to-end encrypted intrusive data
(2006)
Journal Article
Enhancing intrusion detection via an active target host.
(2006)
Presentation / Conference Contribution
A framework to detect novel computer viruses via system calls.
(2006)
Presentation / Conference Contribution
Analysis and detection of cruising computer viruses.
(2004)
Presentation / Conference Contribution
Downloadable Citations
About Edinburgh Napier Research Repository
Administrator e-mail: repository@napier.ac.uk
This application uses the following open-source libraries:
SheetJS Community Edition
Apache License Version 2.0 (http://www.apache.org/licenses/)
PDF.js
Apache License Version 2.0 (http://www.apache.org/licenses/)
Font Awesome
SIL OFL 1.1 (http://scripts.sil.org/OFL)
MIT License (http://opensource.org/licenses/mit-license.html)
CC BY 3.0 ( http://creativecommons.org/licenses/by/3.0/)
Powered by Worktribe © 2024
Advanced Search