Deakin University
Browse

File(s) under permanent embargo

Intelligent feature selection for detecting HTTP/2 denial of service attacks

conference contribution
posted on 2017-01-01, 00:00 authored by E Adi, Zubair BaigZubair Baig
Intrusion-detection systems employ machine learning techniques to classify traffic into attack and legitimate. Network flooding attacks can leverage the new web communications protocol (HTTP/2) to bypass intrusiondetection systems. This creates an urgent demand to understand HTTP/2 characteristics and to devise customised cyber-attack detection schemes. This paper proposes Step Sister; a technique to generate an optimum network traffic feature set for network intrusion detection. The proposed technique demonstrates that a consistent set of features are selected for a given HTTP/2 dataset. This allows intrusion-detection systems to classify previously unseen network traffic samples with fewer false alarm than when techniques used in literature were employed. The results show that the proposed technique yields a set of features that, when used for network traffic classification, yields low numbers of false alarms.

History

Pagination

57-63

Location

Perth, W.A.

Start date

2017-12-05

End date

2017-12-06

ISBN-13

9780648127086

Language

eng

Publication classification

E1.1 Full written paper - refereed

Editor/Contributor(s)

Valli C

Title of proceedings

AISM 2017 : Proceedings of the 15th Australian Information Security Management Conference

Event

Information Security Management. Conference (15th : 2017 : Perth, W.A.)

Publisher

Edith Cowan University

Place of publication

Melbourne, Vic.

Series

Information Security Management Conference

Usage metrics

    Research Publications

    Categories

    No categories selected

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC