Abstract
Web servers and web-based applications are commonly used attack targets. The main issues are how to prevent unauthorized access and to protect web server from the attack. Intrusion Detection Systems (lDSs) are widely used security tools to detect cyber-attacks and malicious activities in computer systems and networks. This paper focuses on the detection of various web-based attacks using Geometrical Structure Anomaly Detection (GSAD) model. Further, a novel algorithm is proposed using Linear Discriminant Analysis (LDA) for the selection of most discriminating features to reduce the computational complexity of payload-based GSAD model. GSAD model is based on a pattern recognition technique used in image processing. Mahalanobis Distance Map (MOM) uses the correlations between various payload features to calculate the difference between normal and abnormal network traffic. GSAD model is evaluated experimentally on the real attacks (GATECH) dataset and on the DARPA 1999 dataset.
Original language | English |
---|---|
Pages (from-to) | 25-39 |
Number of pages | 15 |
Journal | Journal of Network Forensics |
Volume | 2 |
Issue number | 2 |
Publication status | Published - 2010 |