Abstract
Intrusion detection systems are widely used security tools to detect cyber-attacks and malicious activities in computer systems and networks. Hypertext Transport Protocol (HTTP) is used for new applications without much interference. In this paper, we focus on intrusion detection of HTTP traffic by applying pattern recognition techniques using our Geometrical Structure Anomaly Detection (GSAD) model. Experimental results reveal that features extracted from HTTP request using GSAD model can be used to distinguish anomalous traffic from normal traffic, and attacks carried out over HTTP traffic can be identified. We evaluate and compare our results with the results of PAYL intrusion detection systems for the test of DARPA 1999 IDS data set. The results show GSAD has high detection rates and low false positive rates.
| Original language | English |
|---|---|
| Title of host publication | IWCMC 2010 - Proceedings of the 6th International Wireless Communications and Mobile Computing Conference |
| Place of Publication | New York |
| Publisher | ACM |
| Pages | 1193-1197 |
| Number of pages | 5 |
| ISBN (Print) | 9781450300629 |
| DOIs | |
| Publication status | Published - 2010 |
| Externally published | Yes |
| Event | 6th International Wireless Communications and Mobile Computing Conference, IWCMC 2010 - Caen, France Duration: 28 Jun 2010 → 2 Jul 2010 |
Other
| Other | 6th International Wireless Communications and Mobile Computing Conference, IWCMC 2010 |
|---|---|
| Country/Territory | France |
| City | Caen |
| Period | 28/06/10 → 2/07/10 |
Keywords
- Attack
- GSAD model
- HTTP
- Intrusion detection
- Payload