
Dynamic Threshold-Based Algorithm for Client-Based HTTP Proxy Attack Detection through Spatial and Temporal Behavior Pattern Analysis

Anub A, Sreelekshmy S

Abstract


This paper provides a unique approach to client-based HTTP proxy attack detection using a Dynamic Spatiotemporal Behavior Analysis (DSTBA) algorithm. Traditional methods often lack adaptability to sophisticated cyberattacks. DSTBA addresses this by dynamically adjusting detection thresholds based on real-time analysis of spatial (network node distribution and interaction) and temporal (request timing and frequency) behavior patterns. This integration with machine learning techniques enhances attack identification accuracy while minimizing false positives. DSTBA’s core strength lies in detecting subtle deviations in client behavior indicative of proxy-based attacks. A feedback mechanism continuously refines thresholds, enhancing resilience against evolving attack strategies. Evaluations using real-world datasets exhibit DSTBA’s superior performance compared to static threshold methods, achieving high detection rates with low false alarms. This research contributes significantly to network security advancements by providing an adaptable and efficient solution for client-based HTTP proxy attack detection in the face of ever-changing cyber threats.




