Paper published in a book (Scientific congresses, symposiums and conference proceedings)
High-speed Web Attack Detection through Extracting Exemplars from HTTP Traffic
Wang, Wei; Zhang, Xiangliang
2011In Proceedings of the 2011 ACM Symposium on Applied Computing
 

Files


Full Text
Wang.pdf
Publisher postprint (1.11 MB)
Request a copy

All documents in ORBilu are protected by a user license.

Send to



Details



Abstract :
[en] In this work, we propose an effective method for high-speed web attack detection by extracting exemplars from HTTP traffic before the detection model is built. The smaller set of exemplars keeps valuable information of the original traffic while it significantly reduces the size of the traffic so that the detection remains effective and improves the detection efficiency. The Affinity Propagation (AP) is employed to extract the exemplars from the HTTP traffic. K-Nearest Neighbor(K-NN) and one class Support Vector Machine (SVM) are used for anomaly detection. To facilitate comparison, we also employ information gain to select key attributes (a.k.a. features) from the HTTP traffic for web attack detection. Two large real HTTP traffic are used to validate our methods. The extensive test results show that the AP based exemplar extraction significantly improves the real-time performance of the detection compared to using all the HTTP traffic and achieves a more robust detection performance than information gain based attribute selection for web attack detection.
Disciplines :
Computer science
Identifiers :
UNILU:UL-CONFERENCE-2010-467
Author, co-author :
Wang, Wei ;  University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC) ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
Zhang, Xiangliang;  Division of MCSE, King Abdullah University of Science and Technology (KAUST), Saudi Arabia
Language :
English
Title :
High-speed Web Attack Detection through Extracting Exemplars from HTTP Traffic
Publication date :
2011
Event name :
2011 ACM Symposium on Applied Computing
Event place :
TaiChung, Taiwan
Event date :
21-24 March, 2011
Main work title :
Proceedings of the 2011 ACM Symposium on Applied Computing
Publisher :
ACM, New York, United States - New York
ISBN/EAN :
978-1-4503-0113-8
Pages :
1538-1543
Available on ORBilu :
since 13 March 2014

Statistics


Number of views
72 (0 by Unilu)
Number of downloads
0 (0 by Unilu)

Scopus citations®
 
7
Scopus citations®
without self-citations
5
OpenCitations
 
4

Bibliography


Similar publications



Contact ORBilu