HMM-web: A framework for the detection of attacks against web applications

IEEE International Conference on Communications

Volumn , Issue , 2009, Pages

  Corona, Igino ^a   Ariu, Davide ^a   Giacinto, Giorgio ^a  

^a UNIVERSITY OF CAGLIARI   (Italy)

Author keywords

Hidden markov models; Intrusion detection; Multiple classifiers system; Web applications

Indexed keywords

FALSE ALARM RATE; HIGH DETECTION RATE; INPUT VALIDATION; INTERNET SERVICES; MANAGE INFORMATION; MULTIPLE CLASSIFIERS SYSTEM; QUERY ANALYSIS; REAL WORLD DATA; REMOTE MACHINES; TRAINING SETS; WEB APPLICATION; WEB APPLICATION VULNERABILITY; WEB APPLICATIONS; WEB-BASED ARCHITECTURE;

CLASSIFIERS; COMPUTATIONAL GRAMMARS; INTERNET; INTRUSION DETECTION; LEARNING SYSTEMS; OBJECT RECOGNITION; SOFTWARE ARCHITECTURE; WORLD WIDE WEB;

HIDDEN MARKOV MODELS;

EID: 70449490765     PISSN: 05361486     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/ICC.2009.5199054     Document Type: Conference Paper

References (17)

1. milw0rm, www.milw0rm.com.
2. Modsecurity, www.modsecurity.org.
3. Ariu D., Giacinto G., and Perdisci R. Sensing attacks in computers network with hidden markov models. MLDM 2007, LNAI 4571:795-809.
4. R. Durbin, S. R. Eddy, A. Krogh, and G. Mitchison. Biological Sequence Analysis : Probabilistic Models of Proteins and Nucleic Acids. Cambridge Univ. Press.
5. H.H. Feng, O.M. Kolesnikov, P. Fogla, and W. Lee. Anomaly detection using call stack information. Security and Privacy, 2003. Proceedings, pages 62-75.
6. Vigna G., Robertson W., and Balzarotti D. Testing network-based intrusion detection signatures using mutant exploits. In ACM CCS, pages 21-30, 2005.
7. Wang K. and Stolfo S.J. Anomalous payload-based network intrusion detection. RAID 2004, LNCS 3224:203-222.
8. Ingham K.L., Somayaji A., Burge J., and Forrest S. Learning dfa representations of http for protecting web applications. Computer Networks, 51:1239-1255, 2007.
9. C. Kruegel, G. Vigna, and W. Robertson. A multi-model approach to the detection of web-based attacks. Computer Networks, 48(5):717-738, 2005.
10. Kuncheva L. Combining Pattern Classifiers. Wiley, 2004.
11. Rabiner L.R. A tutorial on hidden markov models and selected applications in speech recognition. Proceedings of the IEEE, 77(2):257-286, 1989.
12. Lippmann R., Haines J., Fried D., J. Korba, and Das K. The 1999 darpa off-line intrusion detection evaluation. Computer Networks, 34:579-595, 2000.
13. Perdisci R., Gu G., and Lee W. Using an ensemble of one-class svm classifiers to harden payload-based anomaly detection systems. ICDM, 2006:488-498.
14. www.sans.org Roger Meyer, SANS institute. Detecting attacks on web applications from log files, 2008.
15. Snort. open-source ids, www.snort.org.
16. OWASP www.owasp.org. The ten most critical web application vulnerabilities, 2007.
17. Yoshua Bengio Y. Markovian models for sequential data, 1996.