Analyzing HTTP requests for web intrusion detection

Many web application security problems related to intrusion have resulted from the rapid development of web applications. To reduce the risk of web application problems, web application developers need to take measures to write secure applications to prevent known attacks. When such measures fail, it is important to detect such attacks and find the source of the attacks to reduce the estimated risks. Intrusion detection is one of the powerful techniques designed to identify and prevent harm to the system. Most defensive techniques in Web Intrusion Systems are not able to deal with the complexity of cyber-attacks in web applications. However, machine learning approaches could help to detect known and unknown web application attacks. In this paper, we present machine learning techniques to classify the HTTP requests in the well-known dataset CSIC 2010 HTTP (Giménez et al., 2012) as normal or abnormal traffic, and we compare our experimental results with the results reported by Pham et al. in 2016 and Nguyen et al. in 2011. These experiments produce results for overlapping sets of machine-learning techniques and different sets of features, allowing us to compare how good the various feature sets are for the various machine-learning techniques, at least on this dataset. Keywords: intrusion detection system; anomaly detection; web application attacks; machine learning

Situations and Evidence for Identity Using Dempster-Shafer Theory

We present a computational framework for identity based on Barwise and Devlin’s situation theory. We present an example with constellations of situations identifying an individual to create what we call id-situations, where id-actions are performed, along with supporting situations. We use Semantic Web standards to represent and reason about the situations in our example. We show how to represent the strength of the evidence, within the situations, as a measure of the support for judgments reached in the id-situation. To measure evidence of an identity from the supporting situations, we use the Dempster-Shafer theory of evidence. We enhance Dempster- Shafer theory in two ways to leverage the information available in a constellation of situations. One way exploits the structure within the situations, and the other way interprets the information-relationships in terms of argument schemes

An Autonomic Computing System based on a Rule-based Policy Engine and Artificial Immune Systems

Autonomic computing systems arose from the notion that complex computing systems should have properties like those of the autonomic nervous system, which coordinates bodily functions and allows attention to be directed to more pressing needs. An autonomic system allows the system administrator to specify high-level policies, which the system maintains without administrator assistance. Policy enforcement can be done with a rule based system such as Jess (a java expert system shell). An autonomic system must be able to monitor itself, and this is often a limiting factor. We are developing an automatic system that has a policy engine and uses Artificial Immune Systems (AISs) to sense its environment and to monitor its components and performance. AISs emulate the natural immune system to defend the body against external malicious entities. The proposed system monitors itself without human intervention and thus addresses the problem of systems complexity

"I Wish You Could've Been There": College Students' Experiences of Performative Making Out

People have sex for many reasons (Meston & Buss, 2007). Although most intercourse occurs in private, some reasons for sexual behavior require an audience. For example, some heterosexual women report making out with other women to arouse men (Esterline & Galupo, 2013; Fahs, 2009). Some men report that patronizing strip clubs and talking about heterosexual sex makes them feel more masculine (Flood, 2008; Frank, 2003; Pascoe, 2007). The purpose of the present study was to investigate the prevalence, motivations, and outcomes of college students' experiences with wanting to be seen making out. Participants were 349 female and male college students. Thirty-six percent of women and 37% of men reported making out with someone and wanting others to see them. Significantly more women than men reported same-gender performative experiences. We used thematic analysis (Braun & Clarke, 2006) to identify themes in the qualitative data. Participants reported numerous motivations, including enhancing their image, making an ex-partner jealous, demonstrating a relationship, having fun, and sexually arousing men. Men reported that their reputations were enhanced more often than damaged as a result of their performances. Women reported the opposite pattern. These results provide insights into the functions of sexual behavior as a means of communication, as well as highlight important gender differences that are consistent with problematic cultural belief systems like "slut-shaming" and victim blaming

An Analyst’s Geospatial and Ontological Assistant

We discuss an Intelligence Analyst’s Geospatial and Ontological Assistant (IAGOA) under development that associates an intelligence analyst’s understanding of an agent’s activities with the geospatial features of the area of operation where they take place. Activities are identified with frames for the corresponding verbs from the FrameNet lexical database. A modeler, using the FrameNet OWL distribution, produces software used by the analyst to update a KML file with annotations identifying instantiations of the frames elements of the relevant frames. The Google Earth API is used for rendering KML files and scripting. The agent is tracked and the analyst’s conjecture of its activity is simulated; the analyst can redo her conjecture if need be. IAGOA’s FrameNet-based approach instantiates concepts inherent in language, making explicit the activities and the constellation of role-fillers involved in these activities