Please use this identifier to cite or link to this item:
http://dspace.bits-pilani.ac.in:8080/jspui/handle/123456789/8439
Title: | Identifying Anomalous HTTP Traffic with Association Rule Mining |
Authors: | Agarwal, Vinti |
Keywords: | Computer Science Data Mining Data protection Hypermedia Internet Learning (artificial intelligence) Transport protocols |
Issue Date: | 2019 |
Publisher: | IEEE |
Abstract: | Web applications are compromised by exploiting different vulnerabilities. The protection systems designed to detect such attacks, screen the HTTP requests to decide whether a particular request is benign or malicious. Generating effective screening rules governs the detection performance and false positive rate. In this paper, we propose to generate classification rules to identify malicious HTTP requests using co-occurrence between certain character combinations. Our idea is motivated by the fact that, a successful attack will have some combination of characters together. For e.g., in an SQL injection attack = sign may appear along with “'”. We propose to learn such character combinations using association rules with a set of carefully chosen feature (character) set. We experiment with a publicly available HTTP dataset and show that malicious HTTP requests can be identified with rules generated from such associations. |
URI: | https://ieeexplore.ieee.org/abstract/document/9118146 http://dspace.bits-pilani.ac.in:8080/xmlui/handle/123456789/8439 |
Appears in Collections: | Department of Computer Science and Information Systems |
Files in This Item:
There are no files associated with this item.
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.