Skip to main content
SpringerLink
Log in

A Vector Space Model Approach for Web Attack Classification Using Machine Learning Technique

  • Conference paper
  • First Online:
Proceedings of the Second International Conference on Computer and Communication Technologies

Part of the book series: Advances in Intelligent Systems and Computing ((AISC,volume 381))

Abstract

Web applications usage is increasing in online services in many ways in our day-to-day life. Business service providers have started deploying their business over the web through various e-commerce applications online. The growth of online web application increases the web complexity and vulnerability in terms of security which is a major concern in the current web security research. The extensive growth of various types of web attacks is a severe threat to web security. HTTP requests are usually secret code into a web attack spread through the injection and allow them to perform malicious actions on remote systems to execute arbitrary commands. This paper proposes an efficient approach for web attack classification, using a vector space model approach (VSMA), to improve the detection and classification accuracy. It is able to automatically classify the attacks from valid requests to detect the specific web attacks. The evaluation measure shows high precision and low recall rates than the existing classifiers in comparison.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 169.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 219.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Shailendra, S., Sanjay, S.: An ensemble approach for cyber attack detection system: a generic framework. IEEE, 14th-ACIS, pp. 79–85 (2013)

    Google Scholar 

  2. DinhNguyen, H., Cheng, Q.: An efficient feature selection method for distributed cyber attack detection and classification. IEEE, pp. 1–6 (2013)

    Google Scholar 

  3. Xu, L., Lille, I., Xiaohui, L., Xiaodong, L., Haojin, Z.: Securing smart grid: cyber attacks, countermeasures, and challenges. IEEE Commun. Mag. 38–46 (2012)

    Google Scholar 

  4. Richhariya, V., Rana, J.L., Jain, R.C., Pandey, R.K.: Design of trust model for efficient cyber attack detection on fuzzified large data using data mining techniques. Int. J. RCCT 2(3), 126–132 (2013)

    Google Scholar 

  5. Shailendra, S., Sanjay, A., Murtaza, A. et.al.: Improved support vector machine for cyber attack detection. IEEE, pp. 1–6 (2011)

    Google Scholar 

  6. Jovanovic, N., Kruegel, C., Kirda, E.: Pixy: a static analysis tool for detecting web application vulnerabilities. IEEE Symposium on Security and Privacy (2006)

    Google Scholar 

  7. Kruegel, C., Vigna, G.: Anomaly detection of web-based attacks. ACM, 10th Conference on Computer and Communication Security, USA, pp. 251–261, Oct 2003

    Google Scholar 

  8. Gollmann, D.: Securing web applications. Inform. Secur. Techn. Report 13(1), 1–9 (2008)

    Google Scholar 

  9. Symantic: Security threat report—trend for 2012. Symantic, Tech. Rep., April 2012

    Google Scholar 

  10. Pachopoulos, K., Valsamou, D., Mavroeidis, D., Vazirgiannis, M.: Feature extraction from web traffic data for the application of data mining algorithms in attack identification. Proceedings of the ECML/PKDD’2007 Discovery Challenge, pp. 65–70 (2007)

    Google Scholar 

  11. Anagnostakis, K.G., Sidiroglou, S., Akritidis, P. et al.: Detecting targeted attacks using shadow honeypots. Proceeding for USENIX Security Symposium, pp. 129–144 (2005)

    Google Scholar 

  12. Exbrayat, M.: Analyzing web traffic—a boundaries signature approach. Proceedings for ECML/PKDD-2007 in Discovery Challenge, pp. 53–64 (2007)

    Google Scholar 

  13. Cova, M., Balzarotti, D., Felmetsger, V., Vigna, G.: Swaddler: an approach for the anomaly-based detection of state violations in web applications. Recent Advance in Intrusion Detection (RAID), pp. 63–86, Sept 2007

    Google Scholar 

  14. Salton, G, Wong, A, Yang, C.S.: A vector space model for automatic indexing. ACM Commun. Network 18(11), 613–620 (1975)

    Google Scholar 

  15. Database of XSSED: http://www.xssed.com/

  16. Web Application Security Statistics Project-2007: Web App. Security Consortium. http://www.webappsec.org/projects/statistics/wasc_wass_2007.pdf (2008)

  17. Vigna, G., Valeur, F., Balzarotti, D., Robertson, W., Kruegel, C., Kirda, E.: Reducing errors in the anomaly-based detection of web-based attacks through the combined analysis of web requests and SQL queries. J. Comput. Secur. 17(3), 305–329 (2009)

    Google Scholar 

  18. Ten, C.W., Manimaran, G.: Cybersecurity for critical infrastructures: attack and defense modeling. IEEE Trans. Syst. 40, 853–865 (2010)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of CSE, JNTUH College of Engineering, Nachupally, Karim Nagar, Hyderabad, Telangana, India

    B. V. Ram Naresh Yadav

  2. Department of CST, Sri Krishna Devaraya University, Anantapur, Andhra Pradesh, India

    B. Satyanarayana

  3. Department of CSE, JNTUH College of Engineering, Hyderabad, Telangana, India

    D. Vasumathi

Authors
  1. B. V. Ram Naresh Yadav
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. B. Satyanarayana
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. D. Vasumathi
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to B. V. Ram Naresh Yadav .

Editor information

Editors and Affiliations

  1. Department of Computer Science and Engineering, Anil Neerukonda Institute of Technology and Sciences, Visakhapatnam, India

    Suresh Chandra Satapathy

  2. Department of CSE, CMR Technical Campus, Hyderabad, India

    K. Srujan Raju

  3. Computer Science & Engineering, Kalyani University, Nadia, West Bengal, India

    Jyotsna Kumar Mandal

  4. Electronics and Communication, Shri Ramswaroop Memorial Group of Professional Colleges, Lucknow, Uttar Pradesh, India

    Vikrant Bhateja

Rights and permissions

Reprints and permissions

Copyright information

© 2016 Springer India

About this paper

Cite this paper

Ram Naresh Yadav, B.V., Satyanarayana, B., Vasumathi, D. (2016). A Vector Space Model Approach for Web Attack Classification Using Machine Learning Technique. In: Satapathy, S., Raju, K., Mandal, J., Bhateja, V. (eds) Proceedings of the Second International Conference on Computer and Communication Technologies. Advances in Intelligent Systems and Computing, vol 381. Springer, New Delhi. https://doi.org/10.1007/978-81-322-2526-3_38

Download citation

  • DOI: https://doi.org/10.1007/978-81-322-2526-3_38

  • Published:

  • Publisher Name: Springer, New Delhi

  • Print ISBN: 978-81-322-2525-6

  • Online ISBN: 978-81-322-2526-3

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation