IEEE Transactions on Software Engineering - Special issue on computer security and privacy
An introduction to Kolmogorov complexity and its applications (2nd ed.)
An introduction to Kolmogorov complexity and its applications (2nd ed.)
Genetic Algorithms in Search, Optimization and Machine Learning
Genetic Algorithms in Search, Optimization and Machine Learning
Applications of Data Mining in Computer Security
Applications of Data Mining in Computer Security
Prediction algorithms and confidence measures based on algorithmic randomness theory
Theoretical Computer Science - Natural computing
Transductive Confidence Machines for Pattern Recognition
ECML '02 Proceedings of the 13th European Conference on Machine Learning
Learning nonstationary models of normal network traffic for detecting novel attacks
Proceedings of the eighth ACM SIGKDD international conference on Knowledge discovery and data mining
The effects of loss and latency on user performance in unreal tournament 2003®
Proceedings of 3rd ACM SIGCOMM workshop on Network and system support for games
IEEE/ACM Transactions on Networking (TON)
Detecting outliers using transduction and statistical testing
Proceedings of the 12th ACM SIGKDD international conference on Knowledge discovery and data mining
Proceedings of the 2nd ACM workshop on Quality of protection
Network anomaly detection based on TCM-KNN algorithm
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
Defense against spoofed IP traffic using hop-count filtering
IEEE/ACM Transactions on Networking (TON)
A study in using neural networks for anomaly and misuse detection
SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
Data mining approaches for intrusion detection
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Towards lightweight and efficient DDOS attacks detection for web server
Proceedings of the 18th international conference on World wide web
Optimizing network anomaly detection scheme using instance selection mechanism
GLOBECOM'09 Proceedings of the 28th IEEE conference on Global telecommunications
QoS-based cooperative algorithm for integral multi-commodity flow problem
Computer Communications
| Hi-index | 0.24 |
World Wide Web (WWW) is one of the most popular applications currently running on the Internet and web server is a crucial component for this application. However, network anomalies especially Distributed Denial-of-Service (DDoS) attacks bombard web server, degrade its Quality of Service (QoS) and even deny the legitimate users' requests. Traditional network anomaly detection methods often lead to high false positives and expensive computational cost, thus unqualified for real-time web server anomaly detection. To solve these problems, in this paper we first propose an efficient network anomaly detection method based on Transductive Confidence Machines for K-Nearest Neighbors (TCM-KNN) algorithm. Secondly, we integrate a lot of objective and efficient anomalies impact metrics from the perceptions of the end users into TCM-KNN algorithm to build a robust web sever anomaly detection mechanism. Finally, Genetic Algorithm (GA) based instance selection method is introduced to boost the real-time detection performance of our method. We evaluate our method on a series of experiments both on well-known KDD Cup 1999 dataset and concrete dataset collected from real network traffic. The results demonstrate our methods are actually effective and lightweight for real-time web server anomaly detection.