Data Mining Methods for Anomaly Detection of HTTP Request Exploitations

  • Xiao-Feng Wang
  • Jing-Li Zhou
  • Sheng-Sheng Yu
  • Long-Zheng Cai
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3614)

Abstract

HTTP request exploitations account for a substantial portion of network-based attacks. This paper presents a novel anomaly detection framework that uses data mining technologies to build four independent detection models. In the training phase, these models mine the particular characteristics of every web program, using web server log files as the data source; in the detection phase, each model takes the HTTP requests under detection as input and calculates at least one anomalous probability as output. Together, the four models generate eight anomalous probabilities, which are weighted and summed to produce a final probability, and this probability is used to decide whether the request is malicious. Experiments prove that our detection framework achieves a close to perfect detection rate with very few false positives.

Keywords

Anomaly Detection; Data Mining Method; Attribute Instance; Attribute List; Query Attribute
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Xiao-Feng Wang (1)
  • Jing-Li Zhou (1)
  • Sheng-Sheng Yu (1)
  • Long-Zheng Cai (1)
  1. Department of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan, China
