{"title":"基于马尔可夫协议解析的web攻击检测","authors":"J. Tapiador, P. García-Teodoro, J. D. Verdejo","doi":"10.1109/ISCC.2005.51","DOIUrl":null,"url":null,"abstract":"This paper presents a novel approach based on the monitoring of incoming HTTP requests to detect attacks against Web servers. The detection is accomplished through a Markovian model whose states and transitions between them are determined from the specification of the HTTP protocol while the probabilities of the symbols associated to the Markovian source are obtained during a training stage according to a set of attack-free requests for the target server. The experiments carried out show a high detection capability with low false positive rates at reasonable computation requirements.","PeriodicalId":315855,"journal":{"name":"10th IEEE Symposium on Computers and Communications (ISCC'05)","volume":"27 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2005-06-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"59","resultStr":"{\"title\":\"Detection of Web-based attacks through Markovian protocol parsing\",\"authors\":\"J. Tapiador, P. García-Teodoro, J. D. Verdejo\",\"doi\":\"10.1109/ISCC.2005.51\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This paper presents a novel approach based on the monitoring of incoming HTTP requests to detect attacks against Web servers. The detection is accomplished through a Markovian model whose states and transitions between them are determined from the specification of the HTTP protocol while the probabilities of the symbols associated to the Markovian source are obtained during a training stage according to a set of attack-free requests for the target server. The experiments carried out show a high detection capability with low false positive rates at reasonable computation requirements.\",\"PeriodicalId\":315855,\"journal\":{\"name\":\"10th IEEE Symposium on Computers and Communications (ISCC'05)\",\"volume\":\"27 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2005-06-27\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"59\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"10th IEEE Symposium on Computers and Communications (ISCC'05)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ISCC.2005.51\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"10th IEEE Symposium on Computers and Communications (ISCC'05)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISCC.2005.51","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Detection of Web-based attacks through Markovian protocol parsing
This paper presents a novel approach based on the monitoring of incoming HTTP requests to detect attacks against Web servers. The detection is accomplished through a Markovian model whose states and transitions between them are determined from the specification of the HTTP protocol while the probabilities of the symbols associated to the Markovian source are obtained during a training stage according to a set of attack-free requests for the target server. The experiments carried out show a high detection capability with low false positive rates at reasonable computation requirements.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
