Active Detection of Application Layer Attacks Based on Analysis of HTTP-Session

Abstract:

Application layer vulnerabilities represent a substantial portion of the security exposures of computer networks. In this paper, we explore how effectively the HTTP-session model describes web access behavior. HTTP-sessions are extracted from the HTTP requests issued by users. Based on the HTTP-session model and an analysis of web-based attacks, we present an active anomaly detection framework to detect web-based attacks. We demonstrate the effectiveness of the proposed methods via simulation studies using real-world web access requests. The results show that our methods can effectively detect application layer attacks.

Info:

Periodical:

Advanced Materials Research (Volumes 268-270)

Pages:

1253-1258

Online since:

July 2011

Copyright:

© 2011 Trans Tech Publications Ltd. All Rights Reserved
