Projects‎ > ‎

McPAD

Paper
  • R. Perdisci, D. Ariu, P. Fogla, G. Giacinto, W. Lee. "McPAD : A Multiple Classifier System for Accurate Payload-based Anomaly Detection." Computer Networks, Special Issue on Traffic Classification and Its Applications to Modern Networks, 5(6), 2009, pp. 864-881. [pdf]
Code and Libraries
Attack Dataset

  The attack dataset contains the following
  • Generic Attacks (contains 66 HTTP attacks)
  • Shell-code Attacks (contains the following attacks selected from Generic Attacks: 20,21,24,25,26,40,46,47,48,50,WMS)
  • CLET Attacks
    (contains several morphed versions of the following shell-code attacks: 20,21,25,26,40,46,50,WMS)
  • Polymorphic Blending Attacks (PBA)
    • 1-gram attacks
    • n-gram attacks (n=3..12)
    • 2-nu-gram attacks (nu=0..10)

McPAD Models and Configuration Example

  Download a working copy of McPAD with an example of configuration files and ready-to-use models  

Comments