SS-IDS: Statistical Signature Based IDS - LIRMM - Laboratoire d’Informatique, de Robotique et de Microélectronique de Montpellier Accéder directement au contenu
Communication Dans Un Congrès Année : 2009

SS-IDS: Statistical Signature Based IDS

Chedy Raïssi
Pascal Poncelet
Johan Brissaud
  • Fonction : Auteur
  • PersonId : 842232

Résumé

Security of web servers has become a sensitive subject today. Prediction of normal and abnormal request is problematic due to large number of false alarms in many anomaly based Intrusion Detection Systems(IDS). SS-IDS derives automatical ly the parameter profiles from the analyzed data thereby generating the Statistical Signatures. Statistical Signatures are based on modeling of normal requests and their distribution value without explicit intervention. Several attributes are used to calculate the behavior of the legitimate request on the web server. SS-IDS is best suited for the newly instal led web servers which doesn't have large number of requests in the data set to train the IDS and can be used on top of currently used signature based IDS like SNORT. Experiments conducted on real data sets have shown high accuracy up to 99.98% for predicting valid request as valid and false positive rate ranges from 3.82-7.84%.
Fichier principal
Vignette du fichier
ICIW.pdf (123.54 Ko) Télécharger le fichier
Origine : Fichiers éditeurs autorisés sur une archive ouverte
Loading...

Dates et versions

lirmm-00365067 , version 1 (02-03-2009)

Identifiants

  • HAL Id : lirmm-00365067 , version 1

Citer

Payas Gupta, Chedy Raïssi, Gérard Dray, Pascal Poncelet, Johan Brissaud. SS-IDS: Statistical Signature Based IDS. ICIW: International Conference on Internet and Web Applications and Services, May 2009, Venice, Italy. pp.1-6. ⟨lirmm-00365067⟩
232 Consultations
460 Téléchargements

Partager

Gmail Facebook X LinkedIn More