Intrusion detection using GSAD model for HTTP traffic on web services

Aruna Jamdagni; Zhiyuan Tan; Priyadarsi Nanda; Xiangjian He; Ren Ping Liu

doi:10.1145/1815396.1815669

Intrusion detection using GSAD model for HTTP traffic on web services

Aruna Jamdagni, Zhiyuan Tan, Priyadarsi Nanda, Xiangjian He, Ren Ping Liu

Research output: Chapter in Book/Conference proceeding › Conference contribution › peer-review

17 Citations (Scopus)

Abstract

Intrusion detection systems are widely used security tools to detect cyber-attacks and malicious activities in computer systems and networks. Hypertext Transport Protocol (HTTP) is used for new applications without much interference. In this paper, we focus on intrusion detection of HTTP traffic by applying pattern recognition techniques using our Geometrical Structure Anomaly Detection (GSAD) model. Experimental results reveal that features extracted from HTTP request using GSAD model can be used to distinguish anomalous traffic from normal traffic, and attacks carried out over HTTP traffic can be identified. We evaluate and compare our results with the results of PAYL intrusion detection systems for the test of DARPA 1999 IDS data set. The results show GSAD has high detection rates and low false positive rates.

Original language	English
Title of host publication	IWCMC 2010 - Proceedings of the 6th International Wireless Communications and Mobile Computing Conference
Pages	1193-1197
Number of pages	5
DOIs	https://doi.org/10.1145/1815396.1815669
Publication status	Published - 2010
Externally published	Yes
Event	6th International Wireless Communications and Mobile Computing Conference, IWCMC 2010 - Caen, France Duration: 28 Jun 2010 → 2 Jul 2010

Publication series

Name	IWCMC 2010 - Proceedings of the 6th International Wireless Communications and Mobile Computing Conference

Conference

Conference	6th International Wireless Communications and Mobile Computing Conference, IWCMC 2010
Country/Territory	France
City	Caen
Period	28/06/10 → 2/07/10

Keywords

Attack
GSAD model
HTTP
Intrusion detection
Payload

ASJC Scopus subject areas

Computational Theory and Mathematics
Computer Networks and Communications

UN SDGs

This output contributes to the following UN Sustainable Development Goals (SDGs)

Access to Document

10.1145/1815396.1815669

Cite this

Jamdagni, A., Tan, Z., Nanda, P., He, X., & Liu, R. P. (2010). Intrusion detection using GSAD model for HTTP traffic on web services. In IWCMC 2010 - Proceedings of the 6th International Wireless Communications and Mobile Computing Conference (pp. 1193-1197). (IWCMC 2010 - Proceedings of the 6th International Wireless Communications and Mobile Computing Conference). https://doi.org/10.1145/1815396.1815669

@inproceedings{21a55eac07994a408104b2ebdf3e3406,

title = "Intrusion detection using GSAD model for HTTP traffic on web services",

abstract = "Intrusion detection systems are widely used security tools to detect cyber-attacks and malicious activities in computer systems and networks. Hypertext Transport Protocol (HTTP) is used for new applications without much interference. In this paper, we focus on intrusion detection of HTTP traffic by applying pattern recognition techniques using our Geometrical Structure Anomaly Detection (GSAD) model. Experimental results reveal that features extracted from HTTP request using GSAD model can be used to distinguish anomalous traffic from normal traffic, and attacks carried out over HTTP traffic can be identified. We evaluate and compare our results with the results of PAYL intrusion detection systems for the test of DARPA 1999 IDS data set. The results show GSAD has high detection rates and low false positive rates.",

keywords = "Attack, GSAD model, HTTP, Intrusion detection, Payload",

author = "Aruna Jamdagni and Zhiyuan Tan and Priyadarsi Nanda and Xiangjian He and Liu, {Ren Ping}",

year = "2010",

doi = "10.1145/1815396.1815669",

language = "English",

isbn = "9781450300629",

series = "IWCMC 2010 - Proceedings of the 6th International Wireless Communications and Mobile Computing Conference",

pages = "1193--1197",

booktitle = "IWCMC 2010 - Proceedings of the 6th International Wireless Communications and Mobile Computing Conference",

note = "6th International Wireless Communications and Mobile Computing Conference, IWCMC 2010 ; Conference date: 28-06-2010 Through 02-07-2010",

}

Jamdagni, A, Tan, Z, Nanda, P, He, X & Liu, RP 2010, Intrusion detection using GSAD model for HTTP traffic on web services. in IWCMC 2010 - Proceedings of the 6th International Wireless Communications and Mobile Computing Conference. IWCMC 2010 - Proceedings of the 6th International Wireless Communications and Mobile Computing Conference, pp. 1193-1197, 6th International Wireless Communications and Mobile Computing Conference, IWCMC 2010, Caen, France, 28/06/10. https://doi.org/10.1145/1815396.1815669

Intrusion detection using GSAD model for HTTP traffic on web services. / Jamdagni, Aruna; Tan, Zhiyuan; Nanda, Priyadarsi et al.
IWCMC 2010 - Proceedings of the 6th International Wireless Communications and Mobile Computing Conference. 2010. p. 1193-1197 (IWCMC 2010 - Proceedings of the 6th International Wireless Communications and Mobile Computing Conference).

Research output: Chapter in Book/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Intrusion detection using GSAD model for HTTP traffic on web services

AU - Jamdagni, Aruna

AU - Tan, Zhiyuan

AU - Nanda, Priyadarsi

AU - He, Xiangjian

AU - Liu, Ren Ping

PY - 2010

Y1 - 2010

N2 - Intrusion detection systems are widely used security tools to detect cyber-attacks and malicious activities in computer systems and networks. Hypertext Transport Protocol (HTTP) is used for new applications without much interference. In this paper, we focus on intrusion detection of HTTP traffic by applying pattern recognition techniques using our Geometrical Structure Anomaly Detection (GSAD) model. Experimental results reveal that features extracted from HTTP request using GSAD model can be used to distinguish anomalous traffic from normal traffic, and attacks carried out over HTTP traffic can be identified. We evaluate and compare our results with the results of PAYL intrusion detection systems for the test of DARPA 1999 IDS data set. The results show GSAD has high detection rates and low false positive rates.

AB - Intrusion detection systems are widely used security tools to detect cyber-attacks and malicious activities in computer systems and networks. Hypertext Transport Protocol (HTTP) is used for new applications without much interference. In this paper, we focus on intrusion detection of HTTP traffic by applying pattern recognition techniques using our Geometrical Structure Anomaly Detection (GSAD) model. Experimental results reveal that features extracted from HTTP request using GSAD model can be used to distinguish anomalous traffic from normal traffic, and attacks carried out over HTTP traffic can be identified. We evaluate and compare our results with the results of PAYL intrusion detection systems for the test of DARPA 1999 IDS data set. The results show GSAD has high detection rates and low false positive rates.

KW - Attack

KW - GSAD model

KW - HTTP

KW - Intrusion detection

KW - Payload

UR - http://www.scopus.com/inward/record.url?scp=77955165142&partnerID=8YFLogxK

U2 - 10.1145/1815396.1815669

DO - 10.1145/1815396.1815669

M3 - Conference contribution

AN - SCOPUS:77955165142

SN - 9781450300629

T3 - IWCMC 2010 - Proceedings of the 6th International Wireless Communications and Mobile Computing Conference

SP - 1193

EP - 1197

BT - IWCMC 2010 - Proceedings of the 6th International Wireless Communications and Mobile Computing Conference

T2 - 6th International Wireless Communications and Mobile Computing Conference, IWCMC 2010

Y2 - 28 June 2010 through 2 July 2010

ER -

Jamdagni A, Tan Z, Nanda P, He X, Liu RP. Intrusion detection using GSAD model for HTTP traffic on web services. In IWCMC 2010 - Proceedings of the 6th International Wireless Communications and Mobile Computing Conference. 2010. p. 1193-1197. (IWCMC 2010 - Proceedings of the 6th International Wireless Communications and Mobile Computing Conference). doi: 10.1145/1815396.1815669

Intrusion detection using GSAD model for HTTP traffic on web services

Abstract

Publication series

Conference

Keywords

ASJC Scopus subject areas

UN SDGs

Access to Document

Other files and links

Fingerprint

Cite this