Abstract
Web applications usage is increasing in online services in many ways in our day-to-day life. Business service providers have started deploying their business over the web through various e-commerce applications online. The growth of online web application increases the web complexity and vulnerability in terms of security which is a major concern in the current web security research. The extensive growth of various types of web attacks is a severe threat to web security. HTTP requests are usually secret code into a web attack spread through the injection and allow them to perform malicious actions on remote systems to execute arbitrary commands. This paper proposes an efficient approach for web attack classification, using a vector space model approach (VSMA), to improve the detection and classification accuracy. It is able to automatically classify the attacks from valid requests to detect the specific web attacks. The evaluation measure shows high precision and low recall rates than the existing classifiers in comparison.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Shailendra, S., Sanjay, S.: An ensemble approach for cyber attack detection system: a generic framework. IEEE, 14th-ACIS, pp. 79–85 (2013)
DinhNguyen, H., Cheng, Q.: An efficient feature selection method for distributed cyber attack detection and classification. IEEE, pp. 1–6 (2013)
Xu, L., Lille, I., Xiaohui, L., Xiaodong, L., Haojin, Z.: Securing smart grid: cyber attacks, countermeasures, and challenges. IEEE Commun. Mag. 38–46 (2012)
Richhariya, V., Rana, J.L., Jain, R.C., Pandey, R.K.: Design of trust model for efficient cyber attack detection on fuzzified large data using data mining techniques. Int. J. RCCT 2(3), 126–132 (2013)
Shailendra, S., Sanjay, A., Murtaza, A. et.al.: Improved support vector machine for cyber attack detection. IEEE, pp. 1–6 (2011)
Jovanovic, N., Kruegel, C., Kirda, E.: Pixy: a static analysis tool for detecting web application vulnerabilities. IEEE Symposium on Security and Privacy (2006)
Kruegel, C., Vigna, G.: Anomaly detection of web-based attacks. ACM, 10th Conference on Computer and Communication Security, USA, pp. 251–261, Oct 2003
Gollmann, D.: Securing web applications. Inform. Secur. Techn. Report 13(1), 1–9 (2008)
Symantic: Security threat report—trend for 2012. Symantic, Tech. Rep., April 2012
Pachopoulos, K., Valsamou, D., Mavroeidis, D., Vazirgiannis, M.: Feature extraction from web traffic data for the application of data mining algorithms in attack identification. Proceedings of the ECML/PKDD’2007 Discovery Challenge, pp. 65–70 (2007)
Anagnostakis, K.G., Sidiroglou, S., Akritidis, P. et al.: Detecting targeted attacks using shadow honeypots. Proceeding for USENIX Security Symposium, pp. 129–144 (2005)
Exbrayat, M.: Analyzing web traffic—a boundaries signature approach. Proceedings for ECML/PKDD-2007 in Discovery Challenge, pp. 53–64 (2007)
Cova, M., Balzarotti, D., Felmetsger, V., Vigna, G.: Swaddler: an approach for the anomaly-based detection of state violations in web applications. Recent Advance in Intrusion Detection (RAID), pp. 63–86, Sept 2007
Salton, G, Wong, A, Yang, C.S.: A vector space model for automatic indexing. ACM Commun. Network 18(11), 613–620 (1975)
Database of XSSED: http://www.xssed.com/
Web Application Security Statistics Project-2007: Web App. Security Consortium. http://www.webappsec.org/projects/statistics/wasc_wass_2007.pdf (2008)
Vigna, G., Valeur, F., Balzarotti, D., Robertson, W., Kruegel, C., Kirda, E.: Reducing errors in the anomaly-based detection of web-based attacks through the combined analysis of web requests and SQL queries. J. Comput. Secur. 17(3), 305–329 (2009)
Ten, C.W., Manimaran, G.: Cybersecurity for critical infrastructures: attack and defense modeling. IEEE Trans. Syst. 40, 853–865 (2010)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer India
About this paper
Cite this paper
Ram Naresh Yadav, B.V., Satyanarayana, B., Vasumathi, D. (2016). A Vector Space Model Approach for Web Attack Classification Using Machine Learning Technique. In: Satapathy, S., Raju, K., Mandal, J., Bhateja, V. (eds) Proceedings of the Second International Conference on Computer and Communication Technologies. Advances in Intelligent Systems and Computing, vol 381. Springer, New Delhi. https://doi.org/10.1007/978-81-322-2526-3_38
Download citation
DOI: https://doi.org/10.1007/978-81-322-2526-3_38
Published:
Publisher Name: Springer, New Delhi
Print ISBN: 978-81-322-2525-6
Online ISBN: 978-81-322-2526-3
eBook Packages: EngineeringEngineering (R0)