Show/Hide Menu
Hide/Show Apps
Logout
Türkçe
Türkçe
Search
Search
Login
Login
OpenMETU
OpenMETU
About
About
Open Science Policy
Open Science Policy
Open Access Guideline
Open Access Guideline
Postgraduate Thesis Guideline
Postgraduate Thesis Guideline
Communities & Collections
Communities & Collections
Help
Help
Frequently Asked Questions
Frequently Asked Questions
Guides
Guides
Thesis submission
Thesis submission
MS without thesis term project submission
MS without thesis term project submission
Publication submission with DOI
Publication submission with DOI
Publication submission
Publication submission
Supporting Information
Supporting Information
General Information
General Information
Copyright, Embargo and License
Copyright, Embargo and License
Contact us
Contact us
Malicious user input detection on web-based attacks with the negative selection algorithm
Download
index.pdf
Date
2019
Author
Karataş, Mustafa Mer
Metadata
Show full item record
This work is licensed under a
Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License
.
Item Usage Stats
279
views
96
downloads
Cite This
In the cyber security domain, detection and prevention of intrusions is a crucial task. Intrusion attempts exploiting vulnerabilities in an organization’s servers or applications may lead to devastating consequences. The malicious actor may obtain sensitive information from the application, seize database records or take over the servers completely. While protecting web applications/services, discrimination of legitimate user inputs from malicious payloads must be done. Taking inspiration from the Human Immune System (HIS), numerous research studies have been conducted, where the HIS’ behavior while protecting the body from the malicious pathogens is applied to the problem of intrusion detection. The T-cell is one of the lymphocytes that form the human immune system. The study of Artificial Immune Systems (AIS), applies the self/non-self discrimination of T-cells to computational discrimination problems. The ability to discriminate self (safe) from non-self (malicious) is used for the detection of any malicious activity in a computer, or a computer network. The AIS model of interest in this thesis is Negative Selection. Negative Selection Algorithm is applied to detect malicious user input that is submitted in HTTP GET parameters. Detection is done through detector strings with varying lengths. Detectors are constructed with randomly chosen n-grams generated from the training dataset. The number of n-grams required to form a detector is sampled from the Poisson distribution. Detection rates, number of attempts needed for generating a single detector, average detection rates for each detector, the lengths of the detectors and the number of detectors that can be generated over a course of time are calculated and presented.
Subject Keywords
Computer security.
,
Artificial immunology
,
negative selection
,
web based attacks
URI
http://etd.lib.metu.edu.tr/upload/12624943/index.pdf
https://hdl.handle.net/11511/45344
Collections
Graduate School of Informatics, Thesis
Suggestions
OpenMETU
Core
Security of certificate-based protocols: focus on server authentication
Baran, Selim; Özbudak, Ferruh; Selçuk, Ali Aydın; Department of Cryptography (2015)
Today, secure communication channels are mostly set up via certificate-based protocols, such as Secure Sockets Layer (SSL) and Transport Layer Security (TLS). Although they have been used for years and in so many areas, from e-commerce and internet banking to secure channel needs in military, there have been several attacks on their security model, which forced researchers to make studies on them. In this thesis, we will explain their security model, the vulnerabilities discovered so far, the precautions fo...
Detecting malicious behavior in binary programs using dynamic symbolic execution and API call sequences
Tatar, Fatih Tamer; Betin Can, Aysu; Department of Bioinformatics (2021-6)
Program analysis becomes an important part of malware detection as malware become stealthier and more complex. For example, modern malware may detect whether they are under analysis and they may use certain triggers such as time to avoid detection. However, current detection techniques turn out to be insufficient as they have limitations to detect new, obfuscated, and intelligent malware. In this thesis, we propose a behavior based malware detection methodology using API call sequence analysis. In our metho...
DETECTING MALICIOUS API CALL SEQUENCES IN BINARY PROGRAMS USING DYNAMIC SYMBOLIC EXECUTION
Tatar, Fatih Tamer; Betin Can, Aysu (2022-10-01)
As malicious software gets more stealthy and smarter, software analysis has become an essential part of malware detection. Modern malware does not immediately display its malicious behavior, especially if they are aware that it is being analyzed. For instance, malware can detect the runtime environment and use certain triggers, such as time, to avoid detection. Static analysis fails on obfuscated code whereas dynamic analysis struggles to find the right actions and conditions to trigger malicious act...
Attack tree based information technology security metric integrating enterprise objectives with vulnerabilities
Karabey, Buğra; Baykal, Nazife; Department of Information Systems (2011)
Security is one of the key concerns in the domain of Information Technology systems. Maintaining the confidentiality, integrity and availability of such systems, mandates a rigorous prior analysis of the security risks that confront these systems. In order to analyze, mitigate and recover from these risks a metrics based methodology is essential in prioritizing the response strategies to these risks and also this approach is required for resource allocation schedules to mitigate such risks. In addition to t...
Increasing trustworthiness of security critical applications using trusted computing
Uzunay, Yusuf; Baykal, Nazife; Bıçakcı, Kemal; Department of Information Systems (2014)
In this thesis work, we aim to increase the trustworthiness of security critical applications by utilizing trusted computing technologies. We focus on two case applications; authentication proxy systems and e-voting systems. Our first case application is authentication proxy systems which store users’ sensitive credentials and submit them to the servers of the service providers on their behalf. To increase the trustworthiness of authentication proxy systems, we propose Trust-in-the-Middle a trusted platform...
Citation Formats
IEEE
ACM
APA
CHICAGO
MLA
BibTeX
M. M. Karataş, “Malicious user input detection on web-based attacks with the negative selection algorithm,” Thesis (M.S.) -- Graduate School of Informatics. Cyber Security., Middle East Technical University, 2019.