Back to University of Twente portal
Boosting Web Intrusion Detection Systems by Inferring Positive Signatures
Bolzoni, D. and Etalle, S. (2008) Boosting Web Intrusion Detection Systems by Inferring Positive Signatures. In: Confederated International Conferences On the Move to Meaningful Internet Systems (OTM), November 9-14, 2008, Monterrey, Mexico.
![[img]](http://doc.utwente.nl/style/images/fileicons/application_pdf.png) | PDF 509Kb |
| Abstract: | We present a new approach to anomaly-based network intrusion detection for web applications. This approach is based on dividing the input parameters of the monitored web application in two groups: the “regular” and the “irregular” ones, and applying a new method for anomaly detection on the “regular” ones based on the inference of a regular language. We support our proposal by realizing Sphinx, an anomaly-based intrusion detection system based on it. Thorough benchmarks show that Sphinx performs better than current state-of-the-art systems, both in terms of false positives/false negatives as well as needing a shorter training period. |
| Item Type: | Conference or Workshop Item |
| Faculty: | Electrical Engineering, Mathematics and Computer Science (EEMCS) |
| Research Group: | |
| Link to this item: | http://purl.utwente.nl/publications/65138 |
| Official URL: | http://dx.doi.org/10.1007/978-3-540-88873-4_2 |
| Export this item as: | BibTeX EndNote HTML Citation Reference Manager |
Show download statistics for this publication
Show download statistics for this publicationRepository Staff Only: item control page
Metis ID: 252124