Paper
- R. Perdisci, D. Ariu, P. Fogla, G. Giacinto, W. Lee. "McPAD: A Multiple Classifier System for Accurate Payload-based Anomaly Detection." Computer Networks, Special Issue on Traffic Classification and Its Applications to Modern Networks, 5(6), 2009, pp. 864-881. [pdf]
Code and Libraries
Attack Dataset
The attack dataset contains the following:
- Generic Attacks (contains 66 HTTP attacks)
- Shell-code Attacks (contains the following attacks selected from Generic Attacks: 20, 21, 24, 25, 26, 40, 46, 47, 48, 50, WMS)
- CLET Attacks (contains several morphed versions of the following shell-code attacks: 20, 21, 25, 26, 40, 46, 50, WMS)
- Polymorphic Blending Attacks (PBA)
  - 1-gram attacks
  - n-gram attacks (n=3..12)
  - 2-nu-gram attacks (nu=0..10)
McPAD Models and Configuration Example