Data Mining Methods for Anomaly Detection of HTTP Request Exploitations

Wang, Xiao-Feng; Zhou, Jing-Li; Yu, Sheng-Sheng; Cai, Long-Zheng

doi:10.1007/11540007_39

Data Mining Methods for Anomaly Detection of HTTP Request Exploitations

Xiao-Feng Wang²⁰,
Jing-Li Zhou²⁰,
Sheng-Sheng Yu²⁰ &
…
Long-Zheng Cai²⁰

Conference paper

958 Accesses
2 Citations

Part of the book series: Lecture Notes in Computer Science ((LNAI,volume 3614))

Abstract

HTTP request exploitations take substantial portion of network-based attacks. This paper presents a novel anomaly detection framework, which uses data mining technologies to build four independent detection models. In the training phase, these models mine specialty of every web program using web server log files as data source, and in the detection phase, each model takes the HTTP requests upon detection as input and calculates at least one anomalous probability as output. All the four models totally generate eight anomalous probabilities, which are weighted and summed up to produce a final probability, and this probability is used to decide whether the request is malicious or not. Experiments prove that our detection framework achieves close to perfect detection rate under very few false positives.

This is a preview of subscription content, log in via an institution.

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 84.99; Price excludes VAT (USA)

Softcover Book: USD 109.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Kruegel, C.: Anomaly Detection of Web-based Attacks. In: CCS 2003, Washington, DC, USA, October 27–31 (2003)
Google Scholar
Billingsley, P.: Probability and Measure,3 edn., April 1995. Wiley Interscience, Hoboken (1995)
MATH Google Scholar
Mitchell, T.: Machine Learning. McGraw Hill, New York (1997)
MATH Google Scholar
CGISecurity. The Cross Site Scripting FAQ
Google Scholar

Download references

Author information

Authors and Affiliations

Department of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan, 430074, China
Xiao-Feng Wang, Jing-Li Zhou, Sheng-Sheng Yu & Long-Zheng Cai

Authors

Xiao-Feng Wang
View author publications
You can also search for this author in PubMed Google Scholar
Jing-Li Zhou
View author publications
You can also search for this author in PubMed Google Scholar
Sheng-Sheng Yu
View author publications
You can also search for this author in PubMed Google Scholar
Long-Zheng Cai
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

School of Electrical and Electronic Engineering, Nanyang Technological University, Block S1, Nanyang Avenue, 639798, Singapore
Lipo Wang
Honda Research Institute Europe GmbH, Offenbach/Main, Germany
Yaochu Jin

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Wang, XF., Zhou, JL., Yu, SS., Cai, LZ. (2005). Data Mining Methods for Anomaly Detection of HTTP Request Exploitations. In: Wang, L., Jin, Y. (eds) Fuzzy Systems and Knowledge Discovery. FSKD 2005. Lecture Notes in Computer Science(), vol 3614. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11540007_39

Download citation

DOI: https://doi.org/10.1007/11540007_39
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-28331-7
Online ISBN: 978-3-540-31828-6
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics