Research Output
Intrusion detection using GSAD model for HTTP traffic on web services
  Intrusion detection systems are widely used security tools to detect cyber-attacks and malicious activities in computer systems and networks. Hypertext Transport Protocol (HTTP) is used for new applications without much interference. In this paper, we focus on intrusion detection of HTTP traffic by applying pattern recognition techniques using our Geometrical Structure Anomaly Detection (GSAD) model. Experimental results reveal that features extracted from HTTP request using GSAD model can be used to distinguish anomalous traffic from normal traffic, and attacks carried out over HTTP traffic can be identified. We evaluate and compare our results with the results of PAYL intrusion detection systems for the test of DARPA 1999 IDS data set. The results show GSAD has high detection rates and low false positive rates.

  • Date:

    28 June 2010

  • Publication Status:

    Published

  • Publisher

    ACM Press

  • DOI:

    10.1145/1815396.1815669

  • Library of Congress:

    QA75 Electronic computers. Computer science

  • Dewey Decimal Classification:

    005.8 Data security

  • Funders:

    Edinburgh Napier Funded

Citation

Jamdagni, A., Tan, Z., Nanda, P., He, X., & Liu, R. P. (2010). Intrusion detection using GSAD model for HTTP traffic on web services. In IWCMC '10 Proceedings of the 6th International Wireless Communications and Mobile Computing Conference, (1193-1197). https://doi.org/10.1145/1815396.1815669

Authors

Keywords

Intrusion Detection, GSAD Model, Payload, HTTP, Attack

Monthly Views:

Available Documents