The defacement of web sites has become a widespread problem. Reaction to these incidents is often quite slow and triggered by occasional checks or even feedback from users, because organizations usually lack a systematic and round-the-clock surveillance of the integrity of their web sites. A more systematic approach is certainly desirable. An attractive option in this respect consists in augmenting availability and performance monitoring services with defacement detection capabilities. Motivated by these considerations, in this paper we assess the performance of several anomaly detection approaches when faced with the problem of detecting web defacements automatically. All these approaches construct a profile of the monitored page automatically, based on machine learning techniques, and raise an alert when the page content does not fit the profile. We assessed their performance in terms of false positives and false negatives on a dataset composed of 300 highly dynamic web pages that we observed for 3 months and that includes a set of 320 real defacements.