@inproceedings{b0a7382562cb4cc395a2352233224d20,
title = "A novel framework for active detection of HTTP based attacks",
abstract = "Web application vulnerabilities represent a substantial portion of the security exposures of computer networks. Considering HTTP protocol is stateless, we explore the effectiveness of HTTP-session model to effectively describe http behavior. Based on the HTTP-session model and the analysis of http attack behavior, we present a novel framework to actively detect http attacks. Our method takes http requests as input and calculates anomalous probability for each session attribute and for the session as a whole as output. All the probabilities are weighted and summed up to produce final probability, and this probability is used to decide whether http session is attack or not. We demonstrate the effectiveness of the proposed methods via simulation studies using real-world web access logs. Experiments prove that our detection framework achieves high detection rates under very few false positives.",
keywords = "HTTP-session, anomaly detection, http attacks",
author = "Liang Jie and Sun Jianwei and Hu Changzhen",
year = "2011",
doi = "10.1007/978-3-642-21762-3_53",
language = "English",
isbn = "9783642217616",
series = "Lecture Notes in Electrical Engineering",
number = "VOL. 4",
pages = "411--418",
booktitle = "Communication Systems and Information Technology - Selected Papers from the 2011 International Conference on Electric and Electronics, EEIC 2011",
edition = "VOL. 4",
note = "2011 International Conference on Electric and Electronics, EEIC 2011 ; Conference date: 20-06-2011 Through 22-06-2011",
}