基于随机森林的慢速攻击异步检测

2021 IEEE V Jornadas Costarricenses de Investigación en Computación e Informática (JoCICI) Pub Date : 2021-10-25 DOI:10.1109/jocici54528.2021.9794346

C. Asch, G. Gálvez, E. Rios, Juan José Vargas, Luis Quesada, Gabriela Barrantes, A. Lara

{"title":"基于随机森林的慢速攻击异步检测","authors":"C. Asch, G. Gálvez, E. Rios, Juan José Vargas, Luis Quesada, Gabriela Barrantes, A. Lara","doi":"10.1109/jocici54528.2021.9794346","DOIUrl":null,"url":null,"abstract":"An asynchronous classifier of network flows was developed to detect Slowloris attacks. This classifier was implemented using random forests and its effectiveness was measured by the area under the ROC curve. These random forests were trained from a public dataset. We sought to minimize the number of necessary features that are required to analyze the flows satisfactorily. Finally, it was shown that the chosen features can be used individually to obtain reliable detections in the classifier, with two of the three individual features having an area under the curve greater than 0.95.","PeriodicalId":339143,"journal":{"name":"2021 IEEE V Jornadas Costarricenses de Investigación en Computación e Informática (JoCICI)","volume":"10 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-10-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Asynchronous Detection of Slowloris Attacks Via Random Forests\",\"authors\":\"C. Asch, G. Gálvez, E. Rios, Juan José Vargas, Luis Quesada, Gabriela Barrantes, A. Lara\",\"doi\":\"10.1109/jocici54528.2021.9794346\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"An asynchronous classifier of network flows was developed to detect Slowloris attacks. This classifier was implemented using random forests and its effectiveness was measured by the area under the ROC curve. These random forests were trained from a public dataset. We sought to minimize the number of necessary features that are required to analyze the flows satisfactorily. Finally, it was shown that the chosen features can be used individually to obtain reliable detections in the classifier, with two of the three individual features having an area under the curve greater than 0.95.\",\"PeriodicalId\":339143,\"journal\":{\"name\":\"2021 IEEE V Jornadas Costarricenses de Investigación en Computación e Informática (JoCICI)\",\"volume\":\"10 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-10-25\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2021 IEEE V Jornadas Costarricenses de Investigación en Computación e Informática (JoCICI)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/jocici54528.2021.9794346\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 IEEE V Jornadas Costarricenses de Investigación en Computación e Informática (JoCICI)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/jocici54528.2021.9794346","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

摘要

为了检测Slowloris攻击，开发了一种异步网络流分类器。该分类器使用随机森林实现，其有效性通过ROC曲线下的面积来衡量。这些随机森林是从公共数据集中训练出来的。我们试图将分析流所需的必要特征的数量最小化。最后，结果表明，选择的特征可以单独使用，在分类器中获得可靠的检测，三个单独的特征中有两个在曲线下的面积大于0.95。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Asynchronous Detection of Slowloris Attacks Via Random Forests

An asynchronous classifier of network flows was developed to detect Slowloris attacks. This classifier was implemented using random forests and its effectiveness was measured by the area under the ROC curve. These random forests were trained from a public dataset. We sought to minimize the number of necessary features that are required to analyze the flows satisfactorily. Finally, it was shown that the chosen features can be used individually to obtain reliable detections in the classifier, with two of the three individual features having an area under the curve greater than 0.95.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2021 IEEE V Jornadas Costarricenses de Investigación en Computación e Informática (JoCICI)

自引率

0.00%

发文量