Intrusion Detection Using GSAD Model for HTTP Traffic on Web Services

Association for Computing Machinery, Inc. (ACM)
Publication Type:
Conference Proceeding
2010 IWCMC - Proceedings of the 6th International Wireless Communications and Mobile Computing Conference, 2010, pp. 1193 - 1197
Issue Date:
Full metadata record
Files in This Item:
Filename Description Size
Thumbnail2009006970OK.pdf1.52 MB
Adobe PDF
Intrusion detection systems are widely used security tools to detect cyber-attacks and malicious activities in computer systems and networks. Hypertext Transport Protocol (HTTP) is used for new applications without much interference. In this paper, we focus on intrusion detection of HTTP traffic by applying pattern recognition techniques using our Geometrical Structure Anomaly Detection (GSAD) model. Experimental results reveal that features extracted from HTTP request using GSAD model can be used to distinguish anomalous traffic from normal traffic, and attacks carried out over HTTP traffic can be identified. We evaluate and compare our results with the results of PAYL intrusion detection systems for the test of DARPA 1999 IDS data set. The results show GSAD has high detection rates and low false positive rates.
Please use this identifier to cite or link to this item: