Chockalingam Karuppanchetty

Work place: Department of Computer Science, University of Alabama in Huntsville, USA * iDEA Hub, Nigeria



Research Interests: Computer systems and computational processes, Computer Architecture and Organization, Data Structures and Algorithms


Chockalingam Karuppanchetty has a M.S. (2015) in Computer Science from the University of Alabama in Huntsville, USA. He also received his B.E. (2007) in Electronics and Communication Engineering from the Sree Sastha Institute of Technology, Tamilnadu, India. Previously, he was a Software Engineer for Hindustan Computers Limited Technologies for two years. His current research interests are Networking and Security.

Author Articles
Artificially Augmented Training for Anomaly-based Network Intrusion Detection Systems

By Chockalingam Karuppanchetty William Edmonds Sun-il Kim Nnamdi Nwanze

DOI:, Pub. Date: 8 Sep. 2015

Attacks on web servers are becoming increasingly prevalent; the resulting social and economic impact of successful attacks is also exacerbated by our dependency on web-based applications. There are many existing attack detection and prevention schemes, which must be carefully configured to ensure their efficacy. In this paper, we present a study challenges that arise in training network payload anomaly detection schemes that utilize collected network traffic for tuning and configuration. The advantage of anomaly-based intrusion detection is in its potential for detecting zero day attacks. These types of schemes, however, require extensive training to properly model the normal characteristics of the system being protected. Usually, training is done through the use of real data collected by monitoring the activity of the system. In practice, network operators or administrators may run into cases where they have limited availability of such data. This issue can arise due to the system being newly deployed (or heavily modified) or due to the content or behavior that leads to normal characterization having been changed. We show that artificially generated packet payloads can be used to effectively augment the training and tuning. We evaluate the method using real network traffic collected at a server site; We illustrate the problem at first (use of highly variable and unsuitable training data resulting in high false positives of 3.6∼10%), then show improvements using the augmented training method (false positives as low as 0.2%). We also measure the impact on network performance, and present a lookup based optimization that can be used to improve latency and throughput.

[...] Read more.
Other Articles