Skip to main content
SpringerLink
Log in

A novel approach to visualize web anomaly attacks in pervasive computing environment

  • Published:
The Journal of Supercomputing Aims and scope Submit manuscript

Abstract

These days, a pervasive computing environment is a rapidly changing trend towards increasingly always-on connected computing devices in the convergence environment. In a pervasive computing environment, there are various multimedia web services and communications for various devices in order to provide interesting and invaluable information to users. Meanwhile, providing a wide variety of the web-based multimedia services and communications may cause various security threats and abnormal behaviors. In this paper, a multimedia visualization approach for pervasive computing environment is proposed which analyzes HTTP request and response header information to detect and visualize multimedia web attacks based on the Bayesian method. We conducted a few cases’ experiment for the verification of the proposed approach in a real environment. The experimental results such as web attack detection visualization, scanning and password attack visualization, and attacker’s position tracking visualization verify the usability of the proposed approach.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. Ball R, Fink GA, North C (2004) Home-centric visualization of network traffic for security administration. In: Proceedings of ACM workshop visualization and data mining for computer security (VizSEC/DMSEC), NY, USA, 2004, pp 55–64

    Google Scholar 

  2. BrutusAET2-Password Cracking Tool (2010) http://packetstorm.troop218.org/Win/index2.html

  3. Cho SH, Cha SD (2004) SAD: web session anomaly detection based on parameter estimation. Comput Secur J 23(4):312–319

    Article  Google Scholar 

  4. Friedman N, Singer Y (1999) Efficient Bayesian parameter estimation in large discrete domains. In: Proceedings of the 1998 conference on advances in neural information processing systems, pp 417–423

    Google Scholar 

  5. Girardin L, Brodbeck D (1998) A visual approach for monitoring logs. In: Proceedings of the 12th systems admin conference (LISA), pp 299–308

    Google Scholar 

  6. Goodall JR (2005) User requirements and design of a visualization for intrusion detection analysis. In: Proceedings of the 6th IEEE information assurance workshop, 2005

    Google Scholar 

  7. Google Map API (2010) ttp://maps.google.com

  8. Krugel C, Toth T, Kirda E (2002) Service specific anomaly detection for network intrusion detection. In: Proceedings of symposium on applied computing, pp 201–208

    Google Scholar 

  9. Lebanidze E (2004) Securing enterprise web applications at the source: an application security perspective. OWASP Tech. Report

  10. Lee BH, Cho SH, Cha SD (2004) Real-time visualization of web usage patterns and anomalous sessions. Korean Inst Inf Secur 14(4):97–110

    Google Scholar 

  11. Mahoney MV, Chan PK (2001) Packet header anomaly detection for identifying hostile network traffic. In: Proceedings of the 2003 ACM symposium on applied computing, Melbourne, Florida, pp 346–350

    Google Scholar 

  12. McHugh J (2001) Intrusion and intrusion detection. Int J Inf Secur 1(1):14–35

    MATH  Google Scholar 

  13. Nikto-Web Scanner (2010) http://www.cirt.net/code/nikto.shtml

  14. Stolze M, Pawlitzek R, Wespi A (2003) Visual problem-solving support for new event triage in centralized network security monitoring: challenges, tools and benefits. In: Proceeding of the GI-SIDAR conference IT incident management & IT-forensics (IMF), Stuttgart, Deutschland

    Google Scholar 

  15. The Top Cyber Security Risks (2009) Internet Storm Center, SANS. http://www.sans.org/top-cyber-security-risks/

  16. The World Wide Web Consortium (2010) http://www.w3.org/Protocols/rfc2616/rfc2616.html

  17. W3C Extended Log File Format (2010) http://www.w3.org/TR/WD-logfile.html

  18. Wang W, Masseglia F, Guyet T et al (2009) A general framework for adaptive and online detection of web attacks. In: Proceedings of the 18th international conference on world wide web, Madrid, Spain, 2009, pp 1141–1142

    Chapter  Google Scholar 

  19. Yurcik W, Barlow J, Lakkaraju K, Haberman M (2003) Two visual computer network security monitoring tools incorporating operator interface requirements. In: Proceedings of ACM CHI workshop HCI and security systems HCISEC

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Convergence Lab, DMC R&D Center, Dong Suwon P.O. Box 105, Maetan-3dong, Suwon, 442-600, Korea

    Bonhyun Koo & Taeshik Shon

  2. Dept. of Information Communication Engineering, Chosun University, 375 Seosuk-dong, Dong-gu, Gwangju, 501-759, Korea

    Yang Sun Lee

Authors
  1. Bonhyun Koo
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yang Sun Lee
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Taeshik Shon
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Taeshik Shon.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Koo, B., Lee, Y.S. & Shon, T. A novel approach to visualize web anomaly attacks in pervasive computing environment. J Supercomput 65, 301–316 (2013). https://doi.org/10.1007/s11227-010-0520-1

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11227-010-0520-1

Keywords

Search

Navigation