By Topic

Data processing and anomaly detection in web-based applications

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)
Sriraghavan, R.G. ; Cypress Semicond., Beaverton, OR ; Lucchese, Luca

Web applications are popular attack targets. Misuse detection systems use signature databases to detect known attacks. However, it is difficult to keep the database up to date with the rate of discovery of vulnerabilities. They also cannot detect zero-day attacks. By contrast, anomaly detection systems learn the normal behavior of the system and monitor its activity to detect any deviations from the normal. Any such deviations are flagged as anomalous. This paper presents an anomaly detection system for web-based applications. The anomaly detection system monitors the attribute value pairs of successful HTTP requests received by webserver applications and automatically creates parameter profiles. It then uses these profiles to detect anomalies in the HTTP requests. Customized profiles help reduce the number of false positives. Automatic learning ensures that the system can be used with different kinds of web application environments, without the necessity for manual configuration.

Published in:

Machine Learning for Signal Processing, 2008. MLSP 2008. IEEE Workshop on

Date of Conference:

16-19 Oct. 2008