Contextual Multi-armed Bandits for Web Server Defense

Jung, Tobias; Martin, Sylvain; Ernst, Damien; Leduc, Guy

doi:10.1109/IJCNN.2012.6252760

Download

Paper published in a book (Scientific congresses and symposiums)

Contextual Multi-armed Bandits for Web Server Defense

Jung, Tobias; Martin, Sylvain; Ernst, Damien et al.

2012 • In Hussein, Abbas (Ed.) Proceedings of 2012 International Joint Conference on Neural Networks (IJCNN)

Peer reviewed

Permalink
https://hdl.handle.net/2268/115630

DOI
10.1109/IJCNN.2012.6252760

Files (2)Send to Details Statistics Bibliography Similar publications

Files

Full Text

main_cr.pdf

Author preprint (343.09 kB)

(svn r214)

Download

Annexes

IJCNN2012_slides.pdf

Publisher postprint (788.84 kB)

Slides from talk

Download

All documents in ORBi are protected by a user license.

Send to

RIS BibTex APA Chicago Permalink X Linkedin

Details

Keywords :

reinforcement learning; contextual bandits; web server

Abstract :

[en] In this paper we argue that contextual multi-armed bandit algorithms could open avenues for designing self-learning security modules for computer networks and related tasks. The paper has two contributions: a conceptual and an algorithmical one. The conceptual contribution is to formulate the real-world problem of preventing HTTP-based attacks on web servers as a one-shot sequential learning problem, namely as a contextual multi-armed bandit. Our second contribution is to present CMABFAS, a new algorithm for general contextual multi-armed bandit learning that specifically targets domains with finite actions. We illustrate how CMABFAS could be used to design a fully self-learning meta filter for web servers that does not rely on feedback from the end-user (i.e., does not require labeled data) and report first convincing simulation results.

Disciplines :

Computer science

Author, co-author :

Jung, Tobias ; Université de Liège - ULiège > Dép. d'électric., électron. et informat. (Inst.Montefiore) > Réseaux informatiques

Martin, Sylvain ; Université de Liège - ULiège > Dép. d'électric., électron. et informat. (Inst.Montefiore) > Réseaux informatiques

Ernst, Damien ; Université de Liège - ULiège > Dép. d'électric., électron. et informat. (Inst.Montefiore) > Smart grids

Leduc, Guy ; Université de Liège - ULiège > Dép. d'électric., électron. et informat. (Inst.Montefiore) > Réseaux informatiques

Language :

English

Title :

Contextual Multi-armed Bandits for Web Server Defense

Publication date :

2012

Event name :

2012 International Joint Conference on Neural Networks (IJCNN)

Event organizer :

IEEE

Event place :

Brisbane, Australia

Event date :

from 10-6-2012 to 15-6-2012

Audience :

International

Main work title :

Proceedings of 2012 International Joint Conference on Neural Networks (IJCNN)

Editor :

Hussein, Abbas

Publisher :

IEEE

ISBN/EAN :

978-1-4673-1488-6

Pages :

Peer reviewed :

Peer reviewed

Additional URL :

http://ieeexplore.ieee.org/xpl/mostRecentIssue.jsp?punumber=6241467

European Projects :

FP7 - 224619 - RESUMENET - Resilience and Survivability for future networking: framework, mechanisms, and experimental evaluation

Funders :

F.R.S.-FNRS - Fonds de la Recherche Scientifique
CE - Commission Européenne

Available on ORBi :

since 29 March 2012

Statistics

Number of views

253 (29 by ULiège)

Number of downloads

552 (15 by ULiège)

More statistics

Scopus citations^®

Scopus citations^®
without self-citations

OpenCitations

OpenAlex citations

Bibliography

A. Ahmed and I. Traore. A new biometric technology based on mouse dynamics. IEEE Trns. on Dependable and Secure Computing, 4(3):165-179, 2007.
J.-Y. Audibert, R. Munos, and C. Szepesvari. Tuning bandit algorithms in stochastic environments. In Proc. of the 18th Int. Conf on Algorithmic Learning Theory, 2007.
P. Auer, C. Cesa-Bianchi, and P. Fischer. Finite-time analysis of the multiarmed bandit problem. Machine Learning, 47:235-256, 2002.
A. Beygelzimer, S. Kakade, and J. Langford. Cover trees for nearest neighbor. In Proc. of ICML, 2006.
S. Bubeck, R. Munos, G. Stoltz, and C. Szepesvari. Online optimization in X-armed bandits. In Adv. in Neural lnf Proc. Syst.(NIPS), pages 201-208, 2008.
R. Fielding and U. I. et al. RFC2616: Hypertext Transfer Protocol - HTTP/I.1, 1999.
A. György, L. Kocsis, I. Szabó, and C. Szepesvári. Continuous time associative bandit problems. In Proc. of IJCAl'07, pages 830-835, 2007.
R. Kleinberg, A. Slivkins, and E. Upfal. Multi-armed bandits in metric spaces. In 40th ACM Symp. on Theory of Computing (STOC), pages 681-690, 2008.
T. L. Lai and H. Robbins. Asymptotically efficient adaptive allocation rules. Adv. in Appl. Math, 6:4-22, 1985.
T. Lu, D. Pal, and M. Pal. Showing relevant ads via lipschitz context multi-armed bandits. In Proc. of AlSTATS 14, 2010.
P. Rigollet and A. Zeevi. Nonparametric bandits with covariates. In COLT, pages 54-66, 2010.
D. Secunia ApS. Secunia advisory sa39556, phpthumb() 'f1tr[], command injection vulnerability - cve-2010-1598, 2010.
A. Slivkins. Contextual bandits with similarity information. CoRR, abs/0907.3986, 2009.
L. von Ahn, M. Blum, and 1. Langford. Telling humans and computers apart automatically. Commun. ACM, 47:56-60, February 2004.
C.-C. Wang, S. R. Kulkarni, and H. Poor. Arbitrary side observations in bandit problems. Advances in Applied Mathematics, 34(4):903-938, 2005.
Y. Xie and S.-Z. Yu. A large-scale hidden semi-markov model for anomaly detection on user browsing behaviors. IEEEIACM Transactions on Networking, 17(1):54-65, 2009.
X. Xu. Sequential anomaly detection based on temporal-difference learning: principles, models and case studies. Applied Soft Computing, 10:859-867, 2010.
N. Ye, Y. Zhang, and C. M. Borror. Robustness of the markov-chain model for cyber-attack detection. IEEE Transactions on Reliability, 53(1):116-123, 2004.
D. Y. Yeung and Y. X. Ding. Host-based intrusion detection using dynamic and static behavioral models. Pattern Recognition, 36:229-243, 2003.