A General Framework for Adaptive and Online Detection of Web attacks - Inria - Institut national de recherche en sciences et technologies du numérique Accéder directement au contenu
Communication Dans Un Congrès Année : 2009

A General Framework for Adaptive and Online Detection of Web attacks

Résumé

Detection of web attacks is an important issue in current defense-in-depth security framework. Many existing anomaly detection methods require a large amount of precisely labeled data to build a static model that is then used for attack detection. In practical environments, however, labeled data is very difficult to obtain. Moreover, the audit data for attack detection is typically streaming and the behavioral model is always evolving. Static detection models thus lead to considerable false positives. In this paper, we propose a novel general framework for adaptive and online detection of web attacks. The general framework can be based on any online clustering methods. A detection model based on the framework is able to learn online and deal with concept drift in web audit data streams. Str-DBSCAN that we extended DBSCAN [1] to streaming data as well as StrAP [3] are both used to validate the framework. The detection model based on the framework automatically labels the web audit data and adapts to normal behavior changes while identifies attacks through dynamical clustering of the streaming data. A very large size of real HTTP Log data collected in our institute is used to validate the framework and the model. The preliminary testing results demonstrated its effectiveness and efficiency.
Fichier non déposé

Dates et versions

inria-00461391 , version 1 (04-03-2010)

Identifiants

  • HAL Id : inria-00461391 , version 1

Citer

Wei Wang, Florent Masseglia, Thomas Guyet, René Quiniou, Marie-Odile Cordier. A General Framework for Adaptive and Online Detection of Web attacks. 18th International World Wide Web Conference - WWW 2009, Apr 2009, Madrid, Spain. ⟨inria-00461391⟩
192 Consultations
0 Téléchargements

Partager

Gmail Facebook X LinkedIn More