Mahalanobis Distance Map Approach for Anomaly Detection of Web-Based Attacks
- Secau - Security Research Centre
- Publication Type:
- Journal Article
- Journal of Network Forensics, 2011, 2 (2), pp. 25 - 39
- Issue Date:
|Mahalanobis Distance Map Approach for Anomaly Detection.pdf||Published Version||422.05 kB|
Copyright Clearance Process
- Recently Added
- In Progress
- Closed Access
This item is closed access and not available.
Web serverss and web-based applications are commonly used attack targets. The main issue are how to prevent unauthorized access and to protect web server from the attack. Intrusion Detection Systems and networks. This paper focuses on the detection of various web-based attacks using Geometrical Structure Anomaly Detectin (GSAD) model. Further, a novel algorithm is proposed using Linear Discriminant Analysis (LDA) for the selection of most discriminating features to reduce the computational complexity of payload-based GSAD model. GSAD model is based on a pattern recognition technique used in image payload features to calculate the difference between normal and abnormal network traffice. GSAD model is evaluated experimentally on the real attacks (GATECH) dataset and on the DARPA 1999 dataset.
Please use this identifier to cite or link to this item: