Machine Learning
Anomaly detection of web-based attacks
Proceedings of the 10th ACM conference on Computer and communications security
Real anomaly detection in telecommunication multidimensional data using data mining techniques
ICCCI'10 Proceedings of the Second international conference on Computational collective intelligence: technologies and applications - Volume PartI
Semantic security against web application attacks
Information Sciences: an International Journal
Hi-index | 0.00 |
HTTP request exploitations take substantial portion of network-based attacks. This paper presents a novel anomaly detection framework, which uses data mining technologies to build four independent detection models. In the training phase, these models mine specialty of every web program using web server log files as data source, and in the detection phase, each model takes the HTTP requests upon detection as input and calculates at least one anomalous probability as output. All the four models totally generate eight anomalous probabilities, which are weighted and summed up to produce a final probability, and this probability is used to decide whether the request is malicious or not. Experiments prove that our detection framework achieves close to perfect detection rate under very few false positives.