Intrusion detection using GSAD model for HTTP traffic on web services
- Publication Type:
- Conference Proceeding
- IWCMC 2010 - Proceedings of the 6th International Wireless Communications and Mobile Computing Conference, 2010, pp. 1193 - 1197
- Issue Date:
Intrusion detection systems are widely used security tools to detect cyber-attacks and malicious activities in computer systems and networks. Hypertext Transport Protocol (HTTP) is used for new applications without much interference. In this paper, we focus on intrusion detection of HTTP traffic by applying pattern recognition techniques using our Geometrical Structure Anomaly Detection (GSAD) model. Experimental results reveal that features extracted from HTTP request using GSAD model can be used to distinguish anomalous traffic from normal traffic, and attacks carried out over HTTP traffic can be identified. We evaluate and compare our results with the results of PAYL intrusion detection systems for the test of DARPA 1999 IDS data set. The results show GSAD has high detection rates and low false positive rates. Copyright © 2010 ACM.
Please use this identifier to cite or link to this item: