Intrusion detection using GSAD model for HTTP traffic on web services

Authors:
Aruna Jamdagni;Zhiyuan Tan;Priyadarsi Nanda;Xiangjian He;Ren Ping Liu
Affiliations:
University of Technology, Sydney, Australia and CSIRO, ICT Centre, Australia;University of Technology, Sydney, Australia;University of Technology, Sydney, Australia;University of Technology, Sydney, Australia;CSIRO, ICT Centre, Australia
Venue:
Proceedings of the 6th International Wireless Communications and Mobile Computing Conference
Year:
2010

Citing 6
Cited 3

The 1999 DARPA off-line intrusion detection evaluation

Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on recent advances in intrusion detection systems
Testing Intrusion detection systems: a critique of the 1998 and 1999 DARPA intrusion detection system evaluations as performed by Lincoln Laboratory

ACM Transactions on Information and System Security (TISSEC)
Using Text Categorization Techniques for Intrusion Detection

Proceedings of the 11th USENIX Security Symposium
Anomaly detection of web-based attacks

Proceedings of the 10th ACM conference on Computer and communications security
McPAD: A multiple classifier system for accurate payload-based anomaly detection

Computer Networks: The International Journal of Computer and Telecommunications Networking
Intrusion Detection Using Geometrical Structure

FCST '09 Proceedings of the 2009 Fourth International Conference on Frontier of Computer Science and Technology

A two-tier system for web attack detection using linear discriminant method

ICICS'10 Proceedings of the 12th international conference on Information and communications security
Multivariate correlation analysis technique based on Euclidean distance map for network traffic characterization

ICICS'11 Proceedings of the 13th international conference on Information and communications security
Evaluation on multivariate correlation analysis based denial-of-service attack detection system

Proceedings of the First International Conference on Security of Internet of Things

Quantified Score

Hi-index	0.00

Visualization

Abstract

Intrusion detection systems are widely used security tools to detect cyber-attacks and malicious activities in computer systems and networks. Hypertext Transport Protocol (HTTP) is used for new applications without much interference. In this paper, we focus on intrusion detection of HTTP traffic by applying pattern recognition techniques using our Geometrical Structure Anomaly Detection (GSAD) model. Experimental results reveal that features extracted from HTTP request using GSAD model can be used to distinguish anomalous traffic from normal traffic, and attacks carried out over HTTP traffic can be identified. We evaluate and compare our results with the results of PAYL intrusion detection systems for the test of DARPA 1999 IDS data set. The results show GSAD has high detection rates and low false positive rates.