Detection of web-based attacks through Markovian protocol parsing

Proceedings - IEEE Symposium on Computers and Communications

Volumn , Issue , 2005, Pages 457-462

  Estévez Tapiador, Juan M ^a   García Teodoro, Pedro ^b   Díaz Verdejo, Jesús E ^b  

^a UNIVERSIDAD CARLOS III DE MADRID   (Spain)

^b UNIVERSITY OF GRANADA   (Spain)

Author keywords

[No Author keywords available]

Indexed keywords

MARKOVIAN MODELS; MARKOVIAN PROTOCOL; WEB SERVERS; WEB-BASED ATTACKS;

CODES (SYMBOLS); COMPUTATIONAL METHODS; HTTP; MATHEMATICAL MODELS; NETWORK PROTOCOLS; PROBABILITY DISTRIBUTIONS; SERVERS; WORLD WIDE WEB;

SECURITY OF DATA;

EID: 27544495468     PISSN: 15301346     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/ISCC.2005.51     Document Type: Conference Paper

References (15)

1. CERT/CC Statistics 1988-2003. Available online at: http://www.cert.org/ stats. June 2004.
2. J.M. Estévez-Tapiador, P. García-Teodoro, J.E. Díaz-Verdejo, "Anomaly Detection Methods in Wired Networks: A Survey and Taxonomy", in Computer Communications, 27(16):1569-1584, 2004.
3. th ACM Symp, on Applied Computing. Madrid, Spain, 2002, pp. 201-208.
4. J.M. Estévez-Tapiador, P. García-Teodoro, J.E. Díaz-Verdejo, "Measuring Normality in HTTP Traffic for Anomaly-Based Intrusion Detection", in. Computer Networks, 45(2):145-193, 2004.
5. th ACM Conference on Computer and Communications Security. Washington, D.C. (USA), 2003, pp. 251-261.
6. M.V. Mahoney and P.K. Chan, "An Analysis of the 1999 DARPA/Lincoln Laboratory Evaluation Data for Network Anomaly Detection", in Lecture Notes in Computer Science, Vol. 2820 (RAID'03), pp. 220-237. Springer-Verlag, 2003.
7. th ACM Conference on Computer and Communications Security, Washington, D.C. (USA), 2002, pp. 265-274.
8. J.L. Doob. Stochastic Processes. John Wiley & Sons, 1953.
9. rd Edition. John Wiley & Sons, 1968.
10. R. Fielding, J. Gettys, J. Mogul, H. Frystyk, and T. Berners-Lee, "Hypertext Transfer Protocol - HTTP/1.1", RFC 2068. January, 1997.
11. T. Berners-Lee, R. Fielding, and L. Masinter, "Uniform Resource Identifiers". RFC 2396. August, 1998.
12. st IEEE International Workshop on Information Assurance, Darmstadt, Germany, March 2003. pp. 63-72.
13. R.P. Lippmann, J.W. Haines, D.J. Fried, J. Corba, and K. Das, "The 1999 DARPA Off-line Intrusion Detection Evaluation", in Computer Networks, 34(4):579-595, 2000.
14. J. McHugh, "Testing Intrusion Detection Systems: A Critique of the 1998 and 1999 DARPA Intrusion Detection System Evaluations as Performed by Lincoln Laboratory", in ACM Transactions on Information and System Security, 3(4):262-294, November 2000.
15. arachNIDS: Advanced Reference Archive of Current Heuristics for Network Intrusion Detection Systems. Available online at: http://www.whitehats.com/ids. March 2004.