You Surf So Strange Today: Anomaly Detection In Web Services Via Hmm And Ctmc
GREEN, PERVASIVE, AND CLOUD COMPUTING (GPC 2017)(2017)
摘要
In recent years, with the increasing number of attacks against user privacy in web services, researchers put a significant effort on realizing more and more sophisticated Intrusion Detection Systems in order to identify potentially malicious activities. Among such systems, Anomaly Detection Systems rely on a baseline given by a normal behavior and consider every deviation from such behavior as an intrusion.In this paper, we propose a novel Anomaly Detection System to detect intrusions in users' private areas in on-line web services. Such services usually record logs of user activity from different points: access, actions in a session and system responses. We design an ad-hoc mathematical model for each of these logs to build a profile for a normal behavior. In particular, we model users' accesses through a Hidden Markov Model (HMM) and Users' activity with a Continuous Time Markov Chain (CTMC). We propose a novel Anomaly Detection System algorithm that takes into consideration the deviation from the above Markov Processes. Finally, we evaluate our proposal with a thorough set of experiments, which results confirm the feasibility and effectiveness of our solution.
更多查看译文
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络