Abstract
We and others have shown that machine learning can detect and mitigate web-based attacks and the propagation of malware. High performance machine learning frameworks exist for the major computer languages used to program both web servers and web pages. This paper examines the factors required to use the frameworks as an effective distributed deterrent.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
ACM SIGKDD: KDD Cup 1999: Computer network intrusion detection. http://www.kdd.org/kdd-cup/view/kdd-cup-1999/Data
Barth, A., Jackson, C., Mitchell, J.C.: Robust defenses for cross-site request forgery. In: Proceedings of the 15th ACM Conference on Computer and Communications Security, pp. 75–88. ACM (2008)
ClamavNet: ClamAV is an open source antivirus engine for detecting trojans, viruses, malware & other malicious threats. https://www.clamav.net/. Accessed 26 May 2019
Freas, C.B., Harrison, R.W., Long, Y.: High performance attack estimation in large-scale network flows. In: 2018 IEEE International Conference on Big Data (Big Data), pp. 5014–5020. IEEE (2018)
Google: Tensorflow for Javascript. https://www.tensorflow.org/js. Accessed 26 May 2019
Maymounkov, P., Mazières, D.: Kademlia: a peer-to-peer information system based on the XOR metric. In: Druschel, P., Kaashoek, F., Rowstron, A. (eds.) IPTPS 2002. LNCS, vol. 2429, pp. 53–65. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45748-8_5
Miller, S., Curran, K., Lunney, T.: Cloud-based machine learning for the detection of anonymous web proxies. In: 2016 27th Irish Signals and Systems Conference (ISSC), pp. 1–6. IEEE (2016)
Muscat, I.: What is cross-site request forgery? June 2017. https://www.acunetix.com/blog/articles/cross-site-request-forgery/
Oehlert, P.: Violating assumptions with fuzzing. IEEE Secur. Priv. 3(2), 58–62 (2005)
Scholte, T., Robertson, W., Balzarotti, D., Kirda, E.: Preventing input validation vulnerabilities in web applications through automated type analysis. In: 2012 IEEE 36th Annual Computer Software and Applications Conference, pp. 233–243. IEEE (2012)
Sharafaldin, I., Lashkari, A.H., Ghorbani, A.A.: Toward generating a new intrusion detection dataset and intrusion traffic characterization. In: Proceedings of Fourth International Conference on Information Systems Security and Privacy, ICISSP (2018)
Stoica, I., Morris, R., Karger, D., Kaashoek, M.F., Balakrishnan, H.: Chord: a scalable peer-to-peer lookup service for internet applications. ACM SIGCOMM Comput. Commun. Rev. 31(4), 149–160 (2001)
Syronex: Why is Form Validation Needed? https://formsmarts.com/form-validation
Xu, W., Bhatkar, S., Sekar, R.: Practical dynamic taint analysis for countering input validation attacks on web applications. Technical report SECLAB-05-04, Department of Computer Science (2005)
Zasso, M.: Machine learning and numerical analysis tools in Javascript for node.js and the browser. https://github.com/mljs. Accessed 26 May 2019
Zomlot, L., Chandran, S., Caragea, D., Ou, X.: Aiding intrusion analysis using machine learning. In: 2013 12th International Conference on Machine Learning and Applications, vol. 2, pp. 40–47, December 2013. https://doi.org/10.1109/ICMLA.2013.103
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Freas, C.B., Harrison, R.W. (2019). Web-Based Intelligence for IDS. In: Wang, G., Feng, J., Bhuiyan, M., Lu, R. (eds) Security, Privacy, and Anonymity in Computation, Communication, and Storage. SpaCCS 2019. Lecture Notes in Computer Science(), vol 11637. Springer, Cham. https://doi.org/10.1007/978-3-030-24900-7_25
Download citation
DOI: https://doi.org/10.1007/978-3-030-24900-7_25
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-24899-4
Online ISBN: 978-3-030-24900-7
eBook Packages: Computer ScienceComputer Science (R0)