Skip to main content
SpringerLink
Log in

Design and Implementation of a Host-Based Intrusion Detection System for Linux-Based Web Server

  • Conference paper
  • First Online:
Recent Advances in Intelligent Information Hiding and Multimedia Signal Processing (IIH-MSP 2018)

Part of the book series: Smart Innovation, Systems and Technologies ((SIST,volume 110))

  • 570 Accesses

Abstract

In the era of blossoming computer sciences and internet technology, people cannot abolish network in our lives. However, the large number of users, website services will make itself became the most favorite targets for hackers. Although these malicious behaviors can be detected by network intrusion detection system, it is difficult to generate accuracy result owing to the shortage of data. This paper proposed a solution using host intrusion detection system that focus on the host log detection of webserver. Besides using port monitoring to monitor network environment, this paper also collected signatures of web attack and malicious activities by using signature-based approach. Furthermore, this research will find out the source of the malicious files with file monitoring function, and take appropriate action to protect web services. By using the proposed mechanism of host-based intrusion detection methods, it can provide a high accuracy to bring safety for managers and users.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 189.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 249.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 249.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Stevens, M., et al.: The first collision for full SHA-1. In: Annual International Cryptology Conference. Springer, Cham (2017)

    Chapter  Google Scholar 

  2. Kolias, C., Kambourakis, G., Stavrou, A., Voas, J.: DDoS in the ioT: Mirai and other botnets. Computer 50, 80–84 (2017)

    Article  Google Scholar 

  3. OWASP Top 10. The ten most critical web application security risks (2017). https://www.owasp.org/images/0/0a/OWASP_Top_10_2017_GM_%28en%29.pdf

  4. Sabahi, F., Movaghar, A.: Intrusion detection: a survey. In: 3rd International Conference on Systems and Networks Communications, ICSNC 2008. IEEE (2008)

    Google Scholar 

  5. Liao, H.-J., Lin, C.-H.R., Lin, Y.-C., Tung, K.-Y.: Intrusion detection system: a comprehensive review. J. Netw. Comput. Appl. 36(1), 16–24 (2013)

    Article  Google Scholar 

  6. Tirumala, S.S., Sathu, H., Sarrafzadeh, A.: Free and open source intrusion detection systems: a study. In: 2015 International Conference on Machine Learning and Cybernetics (ICMLC), vol. 1. IEEE (2015)

    Google Scholar 

  7. Schreiber, J.: Open source intrusion detection tools: a quick overview (2014). https://www.alienvault.com/blogs/security-essentials/open-source-intrusion-detection-tools-a-quick-overview

  8. Nayyar, A.: The best open source network intrusion detection tools (2017). http://opensourceforu.com/2017/04/best-open-source-network-intrusion-detection-tools/

  9. Abdou, A., Barrera, D., Van Oorschot, P.C.: What lies beneath? Analyzing automated SSH bruteforce attacks. In: International Conference on Passwords. Springer, Cham (2015)

    Google Scholar 

  10. Owens, J., Matthews, J.: A study of passwords and methods used in brute-force SSH attacks. In: USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET) (2008)

    Google Scholar 

  11. Makanju, A.A.O., Zincir-Heywood, A.N., Milios, E.E.: Clustering event logs using iterative partitioning. In: Proceedings of the 15th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. ACM (2009)

    Google Scholar 

  12. Manpathak, S., Augustine, A.: HIDS: HTTP centric intrusion detection system for web servers. https://pdfs.semanticscholar.org/186c/3d84ca6a4d1d9cf0c0c1fe5297ba0da22d28.pdf

  13. Yen, T.-F., et al.: Beehive: large-scale log analysis for detecting suspicious activity in enterprise networks. In: Proceedings of the 29th Annual Computer Security Applications Conference. ACM (2013)

    Google Scholar 

Download references

Acknowledgment

The authors would like to thank the Ministry of Science and Technology of Taiwan, for financially supporting this research under Contract Nos. MOST 107-2218-E-006-036- and MOST 106-2221-E-006 -025.

Author information

Authors and Affiliations

  1. Institute of Computer and Communication Engineering, Department of Electrical Engineering, National Cheng Kung University, No. 1, University Road, Tainan City, 701, Taiwan (R.O.C.)

    Cheng-Chung Kuo, Shu-Han Yao, Chia-Ling Hou & Chu-Sing Yang

Authors
  1. Cheng-Chung Kuo
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Shu-Han Yao
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Chia-Ling Hou
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Chu-Sing Yang
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Chu-Sing Yang .

Editor information

Editors and Affiliations

  1. College of Information Science and Engineering, Fujian University of Technology, Fuzhou, Fujian, China

    Jeng-Shyang Pan

  2. Graduate School of Engineering, Tohoku University, Sendai, Miyagi, Japan

    Akinori Ito

  3. Swinburne University of Technology, Hawthorn, VIC, Australia

    Pei-Wei Tsai

  4. Centre for Artificial Intelligence, Faculty of Engineering and Information Technology, University of Technology Sydney, Sydney, NSW, Australia

    Lakhmi C. Jain

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Kuo, CC., Yao, SH., Hou, CL., Yang, CS. (2019). Design and Implementation of a Host-Based Intrusion Detection System for Linux-Based Web Server. In: Pan, JS., Ito, A., Tsai, PW., Jain, L. (eds) Recent Advances in Intelligent Information Hiding and Multimedia Signal Processing. IIH-MSP 2018. Smart Innovation, Systems and Technologies, vol 110. Springer, Cham. https://doi.org/10.1007/978-3-030-03748-2_44

Download citation

Publish with us

Policies and ethics

Search

Navigation