DocumentCode :
3625072
Title :
On the Contribution of Preamble to Information Hiding in Mimicry Attacks
Author :
H. Gunes Kayacik;A. Nur Zincir-Heywood
Author_Institution :
Dalhousie University, Canada
Volume :
1
fYear :
2007
fDate :
5/1/2007 12:00:00 AM
Firstpage :
632
Lastpage :
638
Abstract :
In this paper, we aim to determine the significance of different stages of an attack, namely the preamble and the exploit, on an achieved anomaly rate. To this end, we analyze four Unix applications that have been used by the previous researchers against Stide anomaly detector. Our results show that the effect of the preamble on the anomaly rate is much greater when the size of the preamble component of an attack is greater than the size of the exploit component. Furthermore, we investigate the impact of training set selection and the length of sliding window on detector performance.
Keywords :
"Detectors","Training data","Performance analysis","Computer science","Application software","Information analysis","Databases","Data analysis","Buffer overflow","Security"
Publisher :
ieee
Conference_Titel :
Advanced Information Networking and Applications Workshops, 2007, AINAW ´07. 21st International Conference on
Print_ISBN :
0-7695-2847-3;978-0-7695-2847-2
Type :
conf
DOI :
10.1109/AINAW.2007.269
Filename :
4221128
Link To Document :
https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=3625072
بازگشت