IEEE Transactions on Software Engineering - Special issue on computer security and privacy
An example-based mapping method for text categorization and retrieval
ACM Transactions on Information Systems (TOIS)
An analysis of security incidents on the Internet 1989-1995
An analysis of security incidents on the Internet 1989-1995
A re-examination of text categorization methods
Proceedings of the 22nd annual international ACM SIGIR conference on Research and development in information retrieval
Towards trapping wily intruders in the large
Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on recent advances in intrusion detection systems
Robust Classification for Imprecise Environments
Machine Learning
Naive (Bayes) at Forty: The Independence Assumption in Information Retrieval
ECML '98 Proceedings of the 10th European Conference on Machine Learning
Naive Bayes vs decision trees in intrusion detection systems
Proceedings of the 2004 ACM symposium on Applied computing
ACL '99 Proceedings of the 37th annual meeting of the Association for Computational Linguistics on Computational Linguistics
IEEE Internet Computing
Serving Text-Mining Functionalities with the Software Architecture Plato
CIMCA '06 Proceedings of the International Conference on Computational Inteligence for Modelling Control and Automation and International Conference on Intelligent Agents Web Technologies and International Commerce
Data mining approaches for intrusion detection
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
A study on optimal parameter tuning for Rocchio text classifier
ECIR'03 Proceedings of the 25th European conference on IR research
Text classification based on multi-word with support vector machine
Knowledge-Based Systems
Agent-Based Security System for User Verification
WI-IAT '09 Proceedings of the 2009 IEEE/WIC/ACM International Joint Conference on Web Intelligence and Intelligent Agent Technology - Volume 03
A distributed multi-approach intrusion detection system for web services
Proceedings of the 3rd international conference on Security of information and networks
A clustering study of a 7000 EU document inventory using MDS and SOM
Expert Systems with Applications: An International Journal
Hi-index | 0.00 |
Information security has evolved from just focusing on the network and server layers to also include the web application layer. In fact, security in some types of web applications is often considered a particularly sensitive subject. Achieving a secure web application involves several different issues like encrypting traffic and certain database information, strictly restricting the access control, etc. In this work we focus on detecting attempts of either gaining unauthorised access or misusing a web application. We introduce an intrusion detection software component based on text-mining techniques. By using text categorisation, it is capable of learning the characteristics of both normal and malicious user behaviour from the log entries generated by the web application server. Therefore, the detection of misuse in the web application is achieved without the need of any explicit programming or code writing, hence improving the system maintainability. Because telemedicine systems are usually critical in terms of the confidential information handled and the responsibilities consequently derived, we apply and evaluate our methods on a real web-based telemedicine system called Arnasa.