C
Chad Calvert
Researcher at Florida Atlantic University
Publications - 13
Citations - 162
Chad Calvert is an academic researcher from Florida Atlantic University. The author has contributed to research in topics: Denial-of-service attack & Application layer. The author has an hindex of 7, co-authored 12 publications receiving 100 citations.
Papers
More filters
Proceedings ArticleDOI
Detection of SSH Brute Force Attacks Using Aggregated Netflow Data
TL;DR: This paper provides a machine learning approach for the detection of SSH brute force attacks at the network level and introduced an aggregation of Netflows to extract the proper features for building machine learning models.
Proceedings ArticleDOI
User Behavior Anomaly Detection for Application Layer DDoS Attacks
TL;DR: Results on the collected data show that using PCAsubspace anomaly detection on user behavior data can detect application layer DDoS attacks, even if they are trying to mimic a normal user’s behavior at some level.
Journal ArticleDOI
Impact of class distribution on the detection of slow HTTP DoS attacks using Big Data
TL;DR: This work evaluates the use of data sampling to produce varying class distributions in order to counteract the effects of severely imbalanced Slow HTTP Denial of Service big datasets and determines that theUse of sampling techniques can significantly increase learner performance when detecting Slow HTTP DoS attack traffic.
Proceedings ArticleDOI
Utilizing Netflow Data to Detect Slow Read Attacks
TL;DR: This paper uses a generated dataset based upon Netflow data collected at the application layer on a live network environment and uses eight different classifiers to build Slow Read attack detection models, showing that the machine learners were quite successful in identifying the Slow Read attacks with a high detection and low false alarm rate.
Journal ArticleDOI
A Procedure for Collecting and Labeling Man-in-the-Middle Attack Traffic
TL;DR: The process for data collection is defined, along with the approach on gathering real-world, representative data, and a novel labeling procedure based on the inherent behaviors of each MITM attack variant is presented.