Interactive Visual Decision Tree for Developing Detection Rules of Attacks on Web Applications
Journal Title: International Journal of Advanced Computer Science & Applications - Year 2018, Vol 9, Issue 7
Abstract
Creating detection rules of attacks on web applications is not a trivial task, especially when the attacks are launched by experienced hackers. In such a situation, human expertise is essential to produce effective results. However, human users are easily overloaded by the huge input data, which is meant to be analyzed, learned from, and used to develop appropriate detection rules. To support human users in dealing with the information overload problem while developing detection rules of web application attacks, we propose a novel technique and tool called Interactive Visual Decision Tree (IVDT). IVDT is a variant of the popular decision tree learning technique introduced in research fields such as machine learning and data mining, with two additionally important features: visually supported data analysis and user-guided tree growing. Visually supported data analysis helps human users cope with high volume of training data while analyzing each node in the tree being built. On the other hand, user-guided tree growing allows human users to apply their own expertise and experience to create custom split condition for each tree node. A prototype implementation of IVDT is built and experimented to evaluate its effectiveness in terms of detection accuracy achieved by its users as well as ease of working with. The experiment results prove some advantages of IVDT over traditional decision tree learning method, but also point out its problems that should be handled in future improvements.
Authors and Affiliations
Tran Tri Dang, Tran Khanh Dang, Truong-Giang Nguyen Le
Keywords
Related Articles
- EP ID EP357384
- DOI 10.14569/IJACSA.2018.090705
- Views 84
- Downloads 0
A Framework for Creating a Distributed Rendering Environment on the Compute Clusters
This paper discusses the deployment of existing render farm manager in a typical compute cluster environment such as a university. Usually, both a render farm and a compute cluster use different queue managers and assume...
Very Low Power Viterbi Decoder Employing Minimum Transition and Exchangeless Algorithms for Multimedia Mobile Communication
A very low power consumption viterbi decoder has been developed by low supply voltage and 0.15 µm CMOS process technology. Significant power reduction can be achieved by modifying the design and implementatio...
Marine Engine Room Alarm Monitoring System
Alarms affect operations in most part of the ship. Their impact on modern Engine Control Room operations is no less significant. The state of an alarm system serves as an indication of the extent to which the ship’s oper...
Bi-Objective Task Scheduling in Cloud Computing using Chaotic Bat Algorithm
Cloud computing is a technology for providing services over the Internet. It gives approach to renting IT infrastructures on a short-term pay- per-usage basis. One of the service provider’s goals is to use the resources...
Day-Ahead Load Forecasting using Support Vector Regression Machines
Accurate day-ahead load prediction plays a significant role to electric companies because decisions on power system generations depend on future behavior of loads. This paper presents a strategy for short-term load forec...