Classification of habitual activities in behavior-based network detection
This paper presents a new method to detect network traffic threats based on packet classification which is result from the identification of insider’s habitual activities. We assess the habitual activities by examining regular expression of web applications use by insiders together with the existing...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Journal of Computing
2010
|
| Subjects: | |
| Online Access: | http://eprints.utm.my/id/eprint/37256/2/index.html http://eprints.utm.my/id/eprint/37256/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| id |
my.utm.37256 |
|---|---|
| record_format |
eprints |
| spelling |
my.utm.372562017-10-13T11:04:00Z http://eprints.utm.my/id/eprint/37256/ Classification of habitual activities in behavior-based network detection Stiawan, Deris Abdullah, Abdul Hanan Idris, Mohd. Yazid QA75 Electronic computers. Computer science This paper presents a new method to detect network traffic threats based on packet classification which is result from the identification of insider’s habitual activities. We assess the habitual activities by examining regular expression of web applications use by insiders together with the existing server activities log and rules pattern from global update. We capture the packets, analyze the packet and finally, categorize into three main categories whether it is normal, suspicious or malicious. Our method is able to detect threat with low false alarm rate and provides event list handler to rate the risk for prevention purposes. We apply our method to evaluate system security for help security officer (IT Manager and Administrator) to be aware of status network activities. Journal of Computing 2010-08 Article PeerReviewed text/html en http://eprints.utm.my/id/eprint/37256/2/index.html Stiawan, Deris and Abdullah, Abdul Hanan and Idris, Mohd. Yazid (2010) Classification of habitual activities in behavior-based network detection. Journal of Computing, 2 (8). pp. 1-7. ISSN 2151-9617 |
| institution |
Universiti Teknologi Malaysia |
| building |
UTM Library |
| collection |
Institutional Repository |
| continent |
Asia |
| country |
Malaysia |
| content_provider |
Universiti Teknologi Malaysia |
| content_source |
UTM Institutional Repository |
| url_provider |
http://eprints.utm.my/ |
| language |
English |
| topic |
QA75 Electronic computers. Computer science |
| spellingShingle |
QA75 Electronic computers. Computer science Stiawan, Deris Abdullah, Abdul Hanan Idris, Mohd. Yazid Classification of habitual activities in behavior-based network detection |
| description |
This paper presents a new method to detect network traffic threats based on packet classification which is result from the identification of insider’s habitual activities. We assess the habitual activities by examining regular expression of web applications use by insiders together with the existing server activities log and rules pattern from global update. We capture the packets, analyze the packet and finally, categorize into three main categories whether it is normal, suspicious or malicious. Our method is able to detect threat with low false alarm rate and provides event list handler to rate the risk for prevention purposes. We apply our method to evaluate system security for help security officer (IT Manager and Administrator) to be aware of status network activities. |
| format |
Article |
| author |
Stiawan, Deris Abdullah, Abdul Hanan Idris, Mohd. Yazid |
| author_facet |
Stiawan, Deris Abdullah, Abdul Hanan Idris, Mohd. Yazid |
| author_sort |
Stiawan, Deris |
| title |
Classification of habitual activities in behavior-based network detection
|
| title_short |
Classification of habitual activities in behavior-based network detection
|
| title_full |
Classification of habitual activities in behavior-based network detection
|
| title_fullStr |
Classification of habitual activities in behavior-based network detection
|
| title_full_unstemmed |
Classification of habitual activities in behavior-based network detection
|
| title_sort |
classification of habitual activities in behavior-based network detection |
| publisher |
Journal of Computing |
| publishDate |
2010 |
| url |
http://eprints.utm.my/id/eprint/37256/2/index.html http://eprints.utm.my/id/eprint/37256/ |
| _version_ |
1643650103749115904 |
| score |
13.160551 |