Abstract
In this paper we present our further research results concerning detection of cyber attacks targeted at the application layer. In particular we focus on detecting SQLIA (SQL Injection Attacks) and XSS (Cross Site Scripting). In our approach, we model normal traffic (HTTP requests) with the use of regular expressions. We report very good results achieved on the large benchmark CISC’10 database and compare them to other solutions.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Choraś, M., Kozik, R., Puchalski, D., Hołubowicz, W.: Correlation Approach for SQL Injection Attacks Detection. In: Herrero, Á., Snášel, V., Abraham, A., Zelinka, I., Baruque, B., Quintián, H., Calvo, J.L., Sedano, J., Corchado, E., et al. (eds.) Int. Joint Conf. CISIS’12-ICEUTE’12-SOCO’12. AISC, vol. 189, pp. 177–185. Springer, Heidelberg (2013)
Choraś, M., Kozik, R.: Real-Time Analysis of Non-stationary and Complex Network Related Data for Injection Attempts Detection. In: Snasel, V., et al. (eds.) Soft Computing in Industrial Applications. AISC, vol. 223, pp. 257–264. Springer, Heidelberg (2013)
Choraś, M., Kozik, R.: Evaluation of Various Techniques for SQL Injection Attack Detection. In: Burduk, R., Jackowski, K., Kurzynski, M., Wozniak, M., Zolnierek, A., et al. (eds.) CORES 2013. AISC, vol. 226, pp. 751–760. Springer, Heidelberg (2013)
Kozik, R., Choraś, M.: Machine Learning Techniques for Cyber Attacks Detection. In: Choras, R.S. (ed.) Image Processing and Communications Challenges 5. AISC, vol. 233, pp. 385–392. Springer, Heidelberg (2014)
Needleman Saul, B., Wunsch Christian, D.: A general method applicable to the search for similarities in the amino acid sequence of two proteins. Journal of Molecular Biology 48 (1970)
Kruegel, C., Toth, T., Kirda, E.: Service specific anomaly detection for network intrusion detection. In: Proc. of ACM Symposium on Applied Computing, pp. 201–208 (2002)
Nguyen, H.T., Torrano-Gimenez, C., Alvarez, G., Petrović, S., Franke, K.: Application of the Generic Feature Selection Measure in Detection of Web Attacks. In: Herrero, Á., Corchado, E. (eds.) CISIS 2011. LNCS, vol. 6694, pp. 25–32. Springer, Heidelberg (2011)
Felzenszwalb, P.F., Huttenlocher, D.P.: Efficient Graph-Based Image Segmentation. International Journal of Computer Vision 59(2) (September 2004)
Herrero, A., Navarro, M., Corchado, E., Julián, V.: RT-MOVICAB-IDS: Addressing real-time intrusion detection. Future Generation Comp. Syst. 29(1), 250–261 (2013)
SNORT. Project homepage, http://www.snort.org/
SCALP. Project homepage, http://code.google.com/p/apache-scalp/
PHPIDS. Project homepage, https://phpids.org/
CSIC 2010 Dataset. Project homepage, http://iec.csic.es/dataset/
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Kozik, R., Choraś, M., Renk, R., Hołubowicz, W. (2014). Modelling HTTP Requests with Regular Expressions for Detection of Cyber Attacks Targeted at Web Applications. In: de la Puerta, J., et al. International Joint Conference SOCO’14-CISIS’14-ICEUTE’14. Advances in Intelligent Systems and Computing, vol 299. Springer, Cham. https://doi.org/10.1007/978-3-319-07995-0_52
Download citation
DOI: https://doi.org/10.1007/978-3-319-07995-0_52
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-07994-3
Online ISBN: 978-3-319-07995-0
eBook Packages: EngineeringEngineering (R0)